Firewalls: Re: Faking source address on TCP packets

Firewalls
(July 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Faking source address on TCP packets
From:	quent . johnson @ intellistor . com (Quentin Johnson)
Date:	Wed, 6 Jul 94 09:04:43 MDT
To:	firewalls @ greatcircle . com

"Rob Tanner" <tanner @
 george .
 arc .
 nasa .
 gov> asked about IP address spoofing:

> I'm putting a network behind a firewall that only about a dozen
> different folks need to get into.  The firewall is composed of a
> single router and a bastion host running ftp and telnet proxies out of
> the TIS firewalls toolkit.  The bastian host sits on the internet side
> of the router.  The router will silently drop all UDP and all source
> routed packets.

Why not put a router/packet filter between the Internet and the bastion
host?  Then you can tell the router to drop packets going to your
networks that have your IP addresses since nobody with your IP
addresses should be coming through the router from the Internet.

	Quent Johnson

Indexed By Date	Previous:	Re: Packet filtering overhead From: quent . johnson @ intellistor . com (Quentin Johnson)
Indexed By Date	Next:	Re: Quality of packet filtering in Cisco vs. Morning Star From: Brent Chapman <brent @ mycroft . GreatCircle . COM>
Indexed By Thread	Previous:	Faking source address on TCP packets From: "Rob Tanner" <tanner @ george . arc . nasa . gov>
Indexed By Thread	Next:	Re: Faking source address on TCP packets From: david @ bdt . com (David Beckemeyer)