Security Basics mailing list archives
Re: IP Spoofing/Masquarading
From: Brad Edmondson <brad.edmondson () gmail com>
Date: Thu, 10 Sep 2009 07:44:37 -0400
I think the idea is that you don't trust anything outside your perimeter. Though it's highly unlikely, the switch or router just outside your border can become malicious or compromised, which could then send through your border routers into your internal network. Dropping "non-routable" traffic when it shows up where it shouldn't is everyone's responsibility, and any decent ISP will do it (that is, drop it before it would get passed on to you). But do you want to rely on them to do that, knowing that if the ISP were to stop or fail to block, that your router will bring them into your internal net? It's usually (always) worth it to drop the non-routables yourself as well, even considering the likely redundancy. It can be intersting to set up a hub at the border of a test network and see what you can get over to the internal side to see if your router is correctly configured. I hope this helps, Brad On 2009-09-09, M.D.Mufambisi <mufambisi () gmail com> wrote:
So can someone explain ip spoofing in the sense that a packet may be spoofed to make it appear as if it originated from the internal lan yet it did not. I need an explanation of how it works and how the packet is structured. regards MD On 9/9/09, Dan Howerton <danny.howerton () gmail com> wrote:M.D. - The packet wont get to the internet. The moment your ISP sees it, it will be dropped. On Wed, Sep 9, 2009 at 12:19 AM, M.D.Mufambisi <mufambisi () gmail com> wrote:I understand that IP packets can be spoofed ie change the source address to make it look like they originated from the internal LAN. However, when this is done across the internet, with a private IP address in its source field, how does this packet get routed through the internet? Kind Regards ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org -------------------------------------------------------------------------- Dan Howerton http://metacortexsecurity.com GPG key: 10F5DDA5------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Samuel Korpi (Sep 11)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Sebastiaan (Sep 11)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Robert Portvliet (Sep 11)
- Re: IP Spoofing/Masquarading Marco Ivaldi (Sep 11)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Jack Carrozzo (Sep 11)
- RE: IP Spoofing/Masquarading David_Falloon (Sep 11)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Brad Edmondson (Sep 11)
- Re: IP Spoofing/Masquarading Fabien Vincent (Sep 11)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading matteo filippetto (Sep 11)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 11)
- Re: IP Spoofing/Masquarading Chris Brenton (Sep 11)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 11)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 11)
- Re: IP Spoofing/Masquarading aditya mukadam (Sep 11)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 11)
- Re: IP Spoofing/Masquarading R. DuFresne (Sep 11)
- Re: IP Spoofing/Masquarading James Bensley (Sep 11)