Private IP addresses
I don't have as many acronyms after my title as you guys, so I may be totally wrong, but I'm wondering if the section about blocking private IPs from Internet-facing interfaces is entirely correct. In that section it is noted that you should block requests originating from 192.168.0 with a wildcard mask of 0.0.0.255. According to the IETF website, though, the range is from 192.168.0.0 - 192.168.255.255. So shouldn't the wildcard mask be 0.0.255.255 instead?
Also, wouldn't it be wise to include the range of reserved addresses for Automatic Private IP Addressing (169.254.0.0 - 169.254.255.255)?
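The wildcard-mask question above is easy to check mechanically. The following Python script is an added example (not from the original thread or any vendor documentation): it derives the Cisco-style wildcard mask for each RFC 1918 range and for the 169.254.0.0/16 link-local range, renders the corresponding `deny` entries, and tests sample source addresses against both the 0.0.0.255 and 0.0.255.255 masks to show exactly which addresses the narrower mask lets through. The range names and the `deny ip ... any` line format are assumptions for illustration.

```python
import ipaddress

# Constructed list of ranges a border ACL would normally refuse as source
# addresses: the three RFC 1918 private blocks plus RFC 3927 link-local (APIPA).
FILTERED_RANGES = {
    "rfc1918-10": ipaddress.ip_network("10.0.0.0/8"),
    "rfc1918-172.16": ipaddress.ip_network("172.16.0.0/12"),
    "rfc1918-192.168": ipaddress.ip_network("192.168.0.0/16"),
    "rfc3927-link-local": ipaddress.ip_network("169.254.0.0/16"),
}


def wildcard_mask(net):
    """Wildcard mask used by Cisco-style ACLs: the bitwise inverse of the
    subnet mask. A 1 bit means 'don't care' when matching."""
    return str(net.hostmask)


def acl_lines(ranges=FILTERED_RANGES):
    """Render one deny entry per range in 'network wildcard' form (assumed
    syntax, inbound on the Internet-facing interface)."""
    return [
        f"deny ip {net.network_address} {wildcard_mask(net)} any"
        for net in ranges.values()
    ]


def matches_entry(addr, network, wildcard):
    """True if addr matches an ACL entry (network, wildcard): every bit that is
    0 in the wildcard must be equal between addr and network."""
    a = int(ipaddress.ip_address(addr))
    n = int(ipaddress.ip_address(network))
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (n & care)


def missed_addresses(net, wildcard):
    """Number of addresses in net that an entry (net.network_address, wildcard)
    fails to match. Shows how much of 192.168.0.0/16 a 0.0.0.255 mask leaves open."""
    matched = int(ipaddress.ip_address(wildcard)) + 1  # contiguous wildcard
    return max(net.num_addresses - matched, 0)


def classify_source(addr, ranges=FILTERED_RANGES):
    """Return the name of the filtered range containing addr, or None if the
    address is a legitimate public source."""
    ip = ipaddress.ip_address(addr)
    for name, net in ranges.items():
        if ip in net:
            return name
    return None


if __name__ == "__main__":
    for line in acl_lines():
        print(line)
    print(missed_addresses(FILTERED_RANGES["rfc1918-192.168"], "0.0.0.255"),
          "addresses of 192.168.0.0/16 slip past the 0.0.0.255 entry")
    for src in ("192.168.0.9", "192.168.77.3", "169.254.1.1", "203.0.113.5"):
        print(src, classify_source(src),
              matches_entry(src, "192.168.0.0", "0.0.0.255"),
              matches_entry(src, "192.168.0.0", "0.0.255.255"))
```

`missed_addresses` makes the point in numbers: the /24-sized entry covers 256 of the 65,536 addresses in 192.168.0.0/16, so a packet from 192.168.77.3 passes the 0.0.0.255 entry but is stopped by 0.0.255.255.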