O'Reilly logo

Cisco Router Firewall Security by Richard A. Deal

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Protection Against Attacks

Now that you have a basic understanding of ACL configuration and their additional features, the rest of this chapter focuses on some important filtering rules that you should implement on your router. In this section, I assume that your router is acting either as a perimeter router or as the main perimeter firewall.

Bogon Blocking and Spoofing

A bogon is a network or route prefix that should not appear in an Internet routing table. Many types of bogon addresses exist, including the following:

• Addresses that should be used only internally, such as RFC 1918 addresses.

• Loopback addresses (127.0.0.0/8).

• Reserved IANA addresses.

• Multicast addresses (224.0.0.0/4).

• Research addresses (240.0.0.0/4).

• DHCP local ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required