cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
300
Views
0
Helpful
1
Replies

ip verify-reverse path on PIX 515

ewieczorek
Level 1
Level 1

Hello.

In an effort to protect my network from IP Spoofing, I was thinking about applying the "ip verify-reverse path" command to my inside and outside interfaces.

Just curious as to if anyone uses this command or has any other suggestions.

Thank you!

1 Reply 1

bfl1
Level 1
Level 1

Absolutely you should implement this feature. I also suggest that you implement RFC 1918 filtering... blocking the 10 net, 192.168.x.x, and 172.16 - 172.31.x.x addresses from coming into your network from the internet... these addresses should never traverse the internet... they are common sources of spoofed addresses in denial of service attacks.

Review Cisco Networking for a $25 gift card