Penetration Testing mailing list archives
Re: IP Spoofing/Masquarading
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 9 Sep 2009 15:16:54 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1Actually, it is sometimes amazing to see how far such packets will get across the internet at large. routers need to be setup to specifically prevent this, they are not really designed to do so by default. Unless the IOS has changed dramatically over the past few years whence I have not had to play with them much. This statement should be corrected to;
Private IPs (as per RFS 1918) should not be openly routed over internet. Thanks, Ron DuFresne On Wed, 9 Sep 2009, aditya mukadam wrote:
Private IPs (as per RFS 1918) cannot be routed over internet. Thanks, Aditya Govind Mukadam On Wed, Sep 9, 2009 at 11:49 AM, M.D.Mufambisi <mufambisi () gmail com> wrote:I understand that IP packets can be spoofed ie change the source address to make it look like they originated from the internal LAN. However, when this is done across the internet, with a private IP address in its source field, how does this packet get routed through the internet? Kind Regards ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629 These things happened. They were glorious and they changed the world..., and then we fucked up the endgame. --Charlie Wilson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFKp/8pst+vzJSwZikRAjBtAKDBJ6UgYk59Og76dTJ+m4IXgEqMBgCfYJeA t4VSYxBFXOsPbru3rPlLshE= =HwqI -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: IP Spoofing/Masquarading, (continued)
- Re: IP Spoofing/Masquarading James Bensley (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Fabien Vincent (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Marco Ivaldi (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading matteo filippetto (Sep 09)
- Message not available
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading Sebastiaan (Sep 09)
- Re: IP Spoofing/Masquarading Jared Curtis (Sep 09)
- Re: IP Spoofing/Masquarading M.D.Mufambisi (Sep 09)
- Re: IP Spoofing/Masquarading aditya mukadam (Sep 09)
- Re: IP Spoofing/Masquarading R. DuFresne (Sep 09)
- RE: IP Spoofing/Masquarading Erik Soosalu (Sep 09)
- Re: IP Spoofing/Masquarading Samuel Korpi (Sep 09)