Re: IP Spoofing/Masquarading

["M.D.Mufambisi" <mufambisi () gmail com>]

Marco,

Thank you very much for the clarity. I had confused things. Source
field is not used for routing. I had missed that. Thanks.

On 9/9/09, Marco Ivaldi <raptor () mediaservice net> wrote:
> On Wed, 9 Sep 2009, M.D.Mufambisi wrote:
>
> > I understand that IP packets can be spoofed ie change the source
> > address to make it look like they originated from the internal LAN.
> > However, when this is done across the internet, with a private IP
> > address in its source field, how does this packet get routed through
> > the internet?
>
> The source field is not relevant to IP routing, only the destination is. I
> strongly suggest you to read "TCP/IP Illustrated Vol. 1" by W. Richard
> Stevens [1].
>
> On the other hand, if proper egress filtering [2] is in place, you'll have
> trouble spoofing the source address of the packets leaving your network.
>
> [1].
> http://books.google.com/books?id=-btNds68w84C&lpg=PA37&ots=e-u0USRsms&dq=ip%20routing%20stevens&pg=PA37#v=onepage&q=&f=false
> [2]. http://en.wikipedia.org/wiki/Egress_filtering
>
> Hope this helps,
>
> --
> Marco Ivaldi
> Lead Security Analyst     Data Security Division
> @ Mediaservice.net Srl    http://mediaservice.net/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------