Penetration Testing mailing list archives
Re: IP Spoofing/Masquarading
From: Samuel Korpi <korpi.samuel () gmail com>
Date: Wed, 9 Sep 2009 14:30:55 +0300
2009/9/9 M.D.Mufambisi <mufambisi () gmail com>:
I understand that IP packets can be spoofed ie change the source address to make it look like they originated from the internal LAN. However, when this is done across the internet, with a private IP address in its source field, how does this packet get routed through the internet?
The main issue is, how do the reply packets get back to the attacker? If the source address is spoofed, the destination address for the reply packets is invalid and the attacker has no idea whether the original packet successfully reached its destination. To answer your original guestion, the packet with spoofed source address may or may not get routed through the Internet. Packets with the so called private IP addresses (e.g., 10.x.x.x address space) are, in general, dropped by Internet routers. Also, the outbound firewall might check for spoofed addresses and drop those packets. /Samuel ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: IP Spoofing/Masquarading, (continued)
- Re: IP Spoofing/Masquarading Fabien Vincent (Sep 09)
- Re: IP Spoofing/Masquarading Marco Ivaldi (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading matteo filippetto (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Sebastiaan (Sep 09)
- Re: IP Spoofing/Masquarading Jared Curtis (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading aditya mukadam (Sep 09)
- Re: IP Spoofing/Masquarading R. DuFresne (Sep 09)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 09)
- Re: IP Spoofing/Masquarading Samuel Korpi (Sep 09)