Protection Against Attacks

Now that you have a basic understanding of ACL configuration and its additional features, the rest of this chapter focuses on some important filtering rules that you should implement on your router. In this section, I assume that your router is acting either as a perimeter router or as the main perimeter firewall.

Bogon Blocking and Spoofing

A bogon is a network or route prefix that should not appear in an Internet routing table. Many types of bogon addresses exist, including the following:

• Addresses that should be used only internally, such as RFC 1918 addresses.

• Loopback addresses (127.0.0.0/8).

• Reserved IANA addresses.

• Multicast addresses (224.0.0.0/4).

• Research addresses (240.0.0.0/4).

• DHCP local ...
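As an added example (not code from the book), the Python sketch below turns the prefixes spelled out in the list above into source-match deny entries for an IOS extended ACL, computing each wildcard mask, and checks constructed source addresses against the same prefixes. The ACL name `ingress-bogons`, the sample addresses, and the closing `permit` line are assumptions; the reserved IANA ranges and the truncated DHCP item are not covered.

```python
import ipaddress

# Prefixes from the list above; "RFC 1918" is written out as its three ranges.
BOGONS = [
    ("RFC 1918", "10.0.0.0/8"),
    ("RFC 1918", "172.16.0.0/12"),
    ("RFC 1918", "192.168.0.0/16"),
    ("loopback", "127.0.0.0/8"),
    ("multicast", "224.0.0.0/4"),
    ("research", "240.0.0.0/4"),
]
NETS = [(label, ipaddress.ip_network(prefix)) for label, prefix in BOGONS]


def match_bogon(src):
    """Return the bogon category a source address falls in, or None."""
    addr = ipaddress.ip_address(src)
    for label, net in NETS:
        if addr in net:
            return label
    return None


def acl_lines(name="ingress-bogons"):  # ACL name is hypothetical
    """Build extended-ACL lines that drop packets sourced from each bogon."""
    lines = [f"ip access-list extended {name}"]
    for label, net in NETS:
        # IOS ACLs take a wildcard (inverse) mask, which is the host mask.
        lines.append(f" remark {label}")
        lines.append(f" deny ip {net.network_address} {net.hostmask} any")
    # Assumption: stands in for the rest of the perimeter policy.
    lines.append(" permit ip any any")
    return lines


# Constructed sample source addresses, including prefix boundary cases.
SAMPLES = ["10.1.2.3", "172.31.255.254", "172.32.0.1",
           "127.0.0.1", "239.1.1.1", "255.255.255.255", "8.8.8.8"]

if __name__ == "__main__":
    print("\n".join(acl_lines()))
    for src in SAMPLES:
        print(f"{src:<16} {match_bogon(src) or 'not in list'}")
```

The boundary pair 172.31.255.254 and 172.32.0.1 shows why the 172.16.0.0/12 wildcard mask must be 0.15.255.255: a /16-style mask would leave most of that private range unfiltered.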
