Security Basics mailing list archives
RE: IP Spoofing/Masquarading
From: <David_Falloon () kaltire com>
Date: Wed, 9 Sep 2009 08:54:04 -0700
Any competent ISP will prevent such packets from leaving their network. In cisco land its called "ip verify unicast reverse path". Basically it means the router won't pass packets addressed with a source it doesn't have a route for. So if the router is on 10.0.0.0/24 and you tell it your packets are from 10.1.0.0/24 the packet will drop straight into the bit bucket. Also, some ISP's route the private networks to their security department NIDS, to be investigated ( most don't though as there are a pile of reasons for private network traffic to leak out onto the internet and you don't want to pay pros to investigate a little old lady with her linksys router jacked backwards ). --Dave
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of M.D.Mufambisi Sent: Tuesday, September 08, 2009 11:20 PM To: pen-test () securityfocus com Cc: security-basics Subject: IP Spoofing/Masquarading I understand that IP packets can be spoofed ie change the source address to make it look like they originated from the internal LAN. However, when this is done across the internet, with a private IP address in its source field, how does this packet get routed through the internet? Kind Regards -------------------------------------------------------------- ---------- This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org -------------------------------------------------------------- ----------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Samuel Korpi (Sep 11)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Sebastiaan (Sep 11)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Robert Portvliet (Sep 11)
- Re: IP Spoofing/Masquarading Marco Ivaldi (Sep 11)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Jack Carrozzo (Sep 11)
- RE: IP Spoofing/Masquarading David_Falloon (Sep 11)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading Brad Edmondson (Sep 11)
- Re: IP Spoofing/Masquarading Fabien Vincent (Sep 11)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 11)
- Re: IP Spoofing/Masquarading matteo filippetto (Sep 11)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 11)
- Re: IP Spoofing/Masquarading Chris Brenton (Sep 11)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 11)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 11)
- Re: IP Spoofing/Masquarading aditya mukadam (Sep 11)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 11)