firewall blocking 68.*.*.* and 67.*.*.*

**gjansky** · 03-07-2002, 10:16 AM

A long time ago I used the website http://linux-firewall-tools.com/ in order to build a static ip ipchains firewall. *After generating the script, I perused it in order to fine tune it. *There's a section where ipchains denys access to all ports based on source address, and these addresses are like 192.168.*.*, and other test addresses. *In the list are 67.*.*.* and 68.*.*.*. *My question is, are those addresses valid (the 67 and 68 )? *I ask because I see a ton of denied attempts by people coming from 68.*.*.*, all of them directed at the web server.

If these are now valid, I'd open the door. *If they are not, why are 67 and 68 addresses invalid? *And if they are invalid, who would use them and why? *Spammers, bots, and hackers can forge or spoof any address, why the 67 and 68?

I'll clarify if I've confused anyone.

Thanks.

Greg

**tolstoy** · 03-07-2002, 01:39 PM

Some of the ip blocks that were once considered invaild are no longer considered so. These blocks are (or were, in some cases) considered reserved and are not assigned to the public for whatever reason, I do not know. Some of them have been assigned since 2000 and are now routable. Browse IANA's site www.iana.org for more info.

**xkill** · 03-07-2002, 06:25 PM

AFAIK these are the only blocks reserved for private addressing...

Class A
10.0.0.0 - 10.255.255.255 (10/8 prefix)

Class B
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)

Class C
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

The 67.0.0.0/8 and 68.0.0.0/8 networks were probably unallocated at the time you generated that script. However, it looks like both blocks have since been allocated up to the /20 prefix.

**gjansky** · 03-08-2002, 09:40 AM

Thanks. That's kind of what I suspected. At the time I generated the script, there were a ton of addresses to block. I'll take a look at them.

Greg

Thread: firewall blocking 68...* and 67...*

Thread Tools

Display