Penetration Testing mailing list archives
RE: IP Spoofing/Masquarading
From: "Erik Soosalu" <eriks () nationalfastfreight com>
Date: Wed, 9 Sep 2009 13:01:05 -0400
Routers by default are programmed to forward *all* traffic. They tend to only look at the destination addresses only and forward the packet to the interface with a matching route. You then use an access control list to block private network traffic, which is of course meaningless if the user spoofs with a publically routable address. But then again, that is what Unicast Reverse Path Forwading helps deal with. Thanks, Erik -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Gerardo Castillo Alvarado Sent: Wednesday, September 09, 2009 10:10 AM Cc: pen-test () securityfocus com; security-basics Subject: Re: IP Spoofing/Masquarading M.D.Mufambisi escribió:
However, when this is done across the internet, with a private IP address in its source field, how does this packet get routed through the internet?
Supposedly, routers are not programmed to forward traffic with these address ranges (FRC1918) outside of local organizations; nevertheless, all border routers should drop all incoming packet somewhat quirky... On the other hand, there are preceding to intercept internet traffic though with other techniques [1]. [1] http://www.wired.com/threatlevel/2008/08/revealed-the-in/ best regards! ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 09)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 09)
- Re: IP Spoofing/Masquarading Chris Brenton (Sep 09)
- RE: IP Spoofing/Masquarading David_Falloon (Sep 09)
- Re: IP Spoofing/Masquarading Robert Portvliet (Sep 09)
- Re: IP Spoofing/Masquarading James Bensley (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Fabien Vincent (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Gerardo Castillo Alvarado (Sep 09)
- Re: IP Spoofing/Masquarading Marco Ivaldi (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading matteo filippetto (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)