WebApp Sec mailing list archives
Re: Tying a session to an IP address
From: exon <exon () home se>
Date: Mon, 10 May 2004 23:11:18 +0200
Toni Heinonen wrote:
You're assuming that routers care about a packets origin.That's not a far-fetched assumption. Of course, your perimeter router (or perhaps firewall) is supposed to filter all traffic clearly not from the internet (127/8, 224, APIA, RFC1918 and of course your own addresses)
But if you wouldn't want it a public service you might as well block incoming traffic on the port anyways, so this doesn't apply.
and it isn't far-fetched to think ISPs do filtering on their clients' outbound traffic. My ISP does this, I can't spoof my address.I still haven't found one that does. And the belligerent sort that resort to spoofing often have access to a host or two on some godforsaken remote location that not even virii care about and where IP-tracking is a novelty.
Also, the ISP's routers at different connection points across the Internet can do reverse filtering based on their routing information (if a packet says it's coming from 193.65.76 and that network is by routing information only behind another interface, it's discarded). I've heard of ISPs that do this too.
See statement above regarding perimeter-routers. As for the backbone routers, this is simply ludicrous. There would be no end to the computing power required to sift out traffic on a scale of 10Gbit/sec. In Sweden, those routers run on a minimum of 60% bandwidth usage more or less nonstop. That's 750000000 octets every second, in case you were wondering.
/exon
Current thread:
- Re: Tying a session to an IP address, (continued)
- Re: Tying a session to an IP address T.J. (May 10)
- Re: Tying a session to an IP address Adam Tuliper (May 10)
- RE: Tying a session to an IP address Steve McCullough (May 11)
- RE: Tying a session to an IP address Wolf, Yonah (May 10)
- RE: Tying a session to an IP address Scovetta, Michael V (May 10)
- Re: Tying a session to an IP address exon (May 10)
- Re: Tying a session to an IP address Mark Foster (May 10)
- Re: Tying a session to an IP address exon (May 10)
- RE: Tying a session to an IP address Tom Arseneault (May 10)
- RE: Tying a session to an IP address Toni Heinonen (May 10)
- Re: Tying a session to an IP address exon (May 10)
- RE: Tying a session to an IP address Tom Martin (May 11)