Great Circle Associates Firewalls
(September 1996)
 


Subject: Re: IP spoofing
From: Lyndon David <lyndond @ sentinet . co . uk>
Date: Sun, 22 Sep 1996 17:47:05 +-100
To: "'firewalls @ greatcircle . com'" <firewalls @ greatcircle . com>

> > a filtering router that restricts the input to your external interface
> > (known as an input filter) by not allowing a packet through if it has a
> > source address from your internal network. "
>
>         I am not clear on why this would not eliminate IP-spoofed packets
> altogether.

Not only would I junk and log packets claiming to be from my internal
network but also junk and log packets that have bits set in the IP options
header. This would not protect against SYN attacks, just make it
more difficult for people to claim to be someone else whilst doing it.

Lyndon
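
The input filter discussed in this message, sketched as an added example (not part of the original post and not any router's own rule syntax): it classifies raw IPv4 headers arriving on the external interface. The internal network 192.0.2.0/24, the sample packets, and the reading of "bits set in the IP options header" as "header length above five words" are assumptions made for illustration.

```python
import ipaddress
import struct

# Assumption: the protected internal network (documentation range, constructed).
INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")

def build_ipv4_header(src, dst, options=b""):
    """Build a minimal IPv4 header (checksum left at 0) for the constructed samples."""
    if len(options) % 4:
        raise ValueError("options must be padded to a multiple of 4 bytes")
    ihl = 5 + len(options) // 4  # header length in 32-bit words
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, 20 + len(options),
                        0, 0, 64, 6, 0,
                        ipaddress.ip_address(src).packed,
                        ipaddress.ip_address(dst).packed)
    return fixed + options

def external_input_filter(packet):
    """Return (action, reason) for a packet received on the external interface."""
    if len(packet) < 20:
        return ("drop", "truncated header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        return ("drop", "malformed header")
    src = ipaddress.ip_address(packet[12:16])
    if src in INTERNAL_NET:
        # An outside packet cannot legitimately carry an inside source address.
        return ("drop+log", "internal source on external interface")
    if ihl > 5:
        # Any header longer than 20 bytes carries IP options.
        return ("drop+log", "IP options present")
    return ("pass", "no rule matched")

# Constructed sample packets (headers only); addresses are documentation ranges.
NOP_OPTIONS = b"\x01\x01\x01\x00"  # three NOPs and End-of-Options-List
SAMPLES = {
    "claims internal source": build_ipv4_header("192.0.2.10", "192.0.2.20"),
    "external with options": build_ipv4_header("198.51.100.7", "192.0.2.20", NOP_OPTIONS),
    "external, plain": build_ipv4_header("203.0.113.5", "192.0.2.20"),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name}: {external_input_filter(pkt)}")
```

The third sample passes whether or not 203.0.113.5 is the sender's real address, which is why this filter does nothing against a SYN flood that uses forged external sources.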


