WebApp Sec mailing list archives

RE: Tying a session to an IP address


From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Mon, 10 May 2004 22:48:44 +0300

You're assuming that routers care about a packet's origin.

That's not a far-fetched assumption. Of course, your perimeter router (or perhaps firewall) is supposed to filter all
traffic clearly not from the internet (127/8, 224, APIPA, RFC1918 and of course your own addresses) and it isn't
far-fetched to think ISPs do filtering on their clients' outbound traffic. My ISP does this, I can't spoof my address.

Also, the ISP's routers at different connection points across the Internet can do reverse filtering based on their 
routing information (if a packet says it's coming from 193.65.76 and that network is by routing information only behind 
another interface, it's discarded). I've heard of ISPs that do this too.

-- 
TONI HEINONEN 
     TELEWARE OY 
     Mob. +358 40 836 1815 / Tel. +358 (9) 3434 9110 
     Laajalahdentie 23, FIN-00330 Helsinki, Finland 
     toni () teleware fi / www.teleware.fi 
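
The two filters the message describes, as an added example that is not part of the original post: a perimeter source-address filter and a strict reverse-path check against routing information. The own prefix 198.51.100.0/24, the interface names, the routing table and the /24 length assumed for 193.65.76 are constructed for illustration.

```python
import ipaddress

# Source ranges a perimeter filter should never accept from the Internet side:
# 127/8, 224/4 (multicast), 169.254/16 (APIPA) and the RFC 1918 blocks.
BOGONS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "224.0.0.0/4", "169.254.0.0/16",
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
)]

# Constructed values (assumptions, not from the post).
OWN_NETS = [ipaddress.ip_network("198.51.100.0/24")]
ROUTES = [  # (prefix, interface the prefix is reachable through)
    (ipaddress.ip_network("0.0.0.0/0"), "upstream"),
    (ipaddress.ip_network("193.65.76.0/24"), "peer-a"),
    (ipaddress.ip_network("198.51.100.0/24"), "inside"),
]


def perimeter_accepts(src):
    """Internet-facing ingress check: drop bogon sources and our own prefixes."""
    addr = ipaddress.ip_address(src)
    return not any(addr in net for net in BOGONS + OWN_NETS)


def best_route_interface(src):
    """Longest-prefix match of the source address against the routing table."""
    addr = ipaddress.ip_address(src)
    matches = [(net.prefixlen, ifc) for net, ifc in ROUTES if addr in net]
    return max(matches)[1] if matches else None


def reverse_path_accepts(src, arrived_on):
    """Strict reverse-path check: the route back to src must use the arrival interface."""
    return best_route_interface(src) == arrived_on


if __name__ == "__main__":
    # Constructed packets: (claimed source, interface it arrived on)
    for src, ifc in [("193.65.76.5", "peer-a"), ("193.65.76.5", "upstream"),
                     ("10.1.2.3", "upstream"), ("198.51.100.20", "upstream")]:
        ok = perimeter_accepts(src) and reverse_path_accepts(src, ifc)
        print(f"{src:15} via {ifc:8} -> {'accept' if ok else 'drop'}")
```

Strict reverse-path checks assume symmetric routing; on multihomed links where return traffic legitimately uses another interface, they drop valid packets.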

