Firewalls: KarlBridge/KarlBrouter and IP address spoofing

Firewalls
(February 1995)

Indexed By Thread: [Previous] [Next]

Subject:	KarlBridge/KarlBrouter and IP address spoofing
From:	Steve Kennedy <steve @ gbnet . org>
Date:	Mon, 6 Feb 1995 23:06:21 +0000 (GMT)
To:	firewalls @ greatcircle . com

Hi,

just a quick note to say that the KarlBridge/KarlBrouter products
correctly drop spoofed IP addresses.

Ports are specified as local or remote and both the source and
destination addresses are compared against the local/remote rule sets.
Therefore as rules are executed in-order of entry it is possible to
specify that any packets with your address entering your network are
dropped and then a general rule that allows any packets through.

Regards

Steve

-- 
 ___  |_  ___        ___                      Flat 2, 43 Howitt Road
(___  |  (___) \  / (___)                               Belsize Park
 ___) |  (___   \/  (___                              London NW3 4LU
[MIME OK]                                    tel +44-(0)171 483 1169
steve @
 gbnet .
 {com,org,net} home (or steve @
 tel .
 net)    GSM 0802 444500
steve @
 marvin .
 demon .
 co .
 uk  Demon Internet Dial-up    data 2400 449500
WWW http://www.demon.co.uk/subscribers/m/marvin/         9600 449501
UNIX/Networking Consulting steve @
 NetTek .
 co .
 uk            fax  449502

Indexed By Date	Previous:	Re: Which free 386 Unix flavor is best for a firewall ? From: Paul Traina <pst @ cisco . com>
Indexed By Date	Next:	Re: Which free 386 Unix flavor is best for a firewall ? From: Jeff Libman <jeffrl @ nuchat . sccsi . com>
Indexed By Thread	Previous:	Re: unix for 486 with token ring card as a firewall From: sdw @ lig . net (Stephen D. Williams)
Indexed By Thread	Next:	CISCO packet filtering From: Lee Hooi Teck <teck @ ms . mimos . my>