Ingressing and Egression filtering

topic posted Wed, September 15, 2004 - 8:16 AM by  Unsubscribed
New here...

Does anyone know where I can find more articles on this topic besides the RFC site?

Any help would be great!
Thanks!
  • Re: Ingressing and Egression filtering

    Sat, November 6, 2004 - 1:16 AM
    Trying to battle IP spoofing? Just curious... what sort of firewall are you using? I have only used Cisco... and I would like to know more... if you have found any decent articles, will you post the URLs here? Thanks...
  • Re: Ingressing and Egression filtering

    Mon, December 18, 2006 - 9:20 PM
    Cymru

    www.cymru.com/Bogons/index.html


    Create a bogon list for your border router.

    Use a similar philosophy as you understand your network better throughout your network.

    Bogons are defined as Martians (private and reserved addresses defined by RFC 1918 and RFC 3330) and netblocks that have not been allocated to a regional internet registry (RIR) by the Internet Assigned Numbers Authority. IANA maintains a convenient IPv4 summary page listing allocated and reserved netblocks. Our page includes additional links and resources to assist those who wish to properly filter bogon prefixes within their networks.

    Keeping up with the bogon filters and IANA allocations isn't difficult, though the format required may not always be readily available. We have attempted to meet this challenge by providing the bogon prefix list in a plethora of formats. These are all updated at the same time, and are based on the same tracking method. The IANA IPv4 allocation list is polled daily and any changes are noted. Within 24 hours the myriad templates are updated and notifications are sent to several lists.

    How much does it help to filter the bogons? In one study conducted by Rob Thomas of a frequently attacked site, fully 60% of the naughty packets were obvious bogons (e.g. 127.1.2.3, 0.5.4.3, etc.). A presentation based on that study, entitled "60 Days of Basic Naughtiness," can be viewed here. Your mileage may vary, and you may opt to filter more conservatively or more liberally. As always, you must KNOW YOUR NETWORK to understand the effects of such filtering.

    Aggressive ingress and egress filtering is good and wise, but must be maintained. We provide a variety of means to make this maintenance as painless as possible. Please do keep your bogon filters current. The fine folks at the RIPE NCC have a project underway to debogonise new allocations. You can read more about it at www.ris.ripe.net/debogon/.

    While not all DDoS uses bogons, every little bit helps. Please note that bogon filtering is a component of anti-spoofing filtering, which is also very important. Internet security is all about "the other guy." If one sizeable network is unsecure, it WILL be used to abuse other networks. Please help us to secure the edge.
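
The border check discussed in this thread, as an added example that is not part of any post: it drops inbound packets whose source is a martian and outbound packets whose source is not a site address. The prefix list is a constructed subset of RFC 1918 and RFC 3330 space (unallocated bogons change and must come from a maintained list), and `SITE_PREFIXES`, `verdict`, `summarize` and the sample records are hypothetical.

```python
import ipaddress

# Martians only: RFC 1918 private space plus special-use blocks from RFC 3330.
# Constructed subset; unallocated bogons must come from a maintained feed.
MARTIANS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.0.2.0/24", "192.168.0.0/16", "198.18.0.0/15",
    "224.0.0.0/4", "240.0.0.0/4",
)]
# Hypothetical site prefix (a documentation range) for the egress check.
SITE_PREFIXES = [ipaddress.ip_network("198.51.100.0/24")]


def verdict(direction, src):
    """Return (action, reason) for a packet's source address at the border."""
    try:
        ip = ipaddress.IPv4Address(src)
    except ipaddress.AddressValueError:
        return ("drop", "unparseable source")
    if direction == "in":
        # Ingress: a martian can never be a legitimate Internet source.
        for net in MARTIANS:
            if ip in net:
                return ("drop", f"martian source in {net}")
        # Ingress: outsiders must not claim the site's own addresses.
        if any(ip in net for net in SITE_PREFIXES):
            return ("drop", "inbound packet claims a site address")
        return ("pass", "")
    # Egress: only the site's own addresses may leave the network.
    if any(ip in net for net in SITE_PREFIXES):
        return ("pass", "")
    return ("drop", "source outside site prefixes")


# Constructed sample records: (direction, source address).
SAMPLE = [
    ("in", "127.1.2.3"), ("in", "0.5.4.3"), ("in", "192.168.7.9"),
    ("in", "8.8.8.8"), ("in", "198.51.100.20"),
    ("out", "198.51.100.20"), ("out", "10.1.1.1"),
]


def summarize(records):
    """Attach a verdict to every (direction, source) record."""
    return [(d, s) + verdict(d, s) for d, s in records]


if __name__ == "__main__":
    for row in summarize(SAMPLE):
        print(*row)
```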
