[Gllug] iptables - a quick question
will
will at hellacool.co.uk
Thu Nov 29 12:34:51 UTC 2001
tet at accucard.com wrote:
>>>You are, of course, setting firewall rules to detect incoming packets
>>>with spoofed local addresses.
>>>
>>How is this possible? How do you detect a spoofed IP?
>>
>
> It's a firewall, so you have two network interfaces, one to the outside
> world, one to your internal network. If packets come in on the externally
> connected interface claiming to have a source IP from your internal
> network, then they're obviously spoofed, and should be blocked.
I only have one nic as the PC is my workstation. Is it possible to
spoof an IP as 127.0.0.1, or localhost accross the Internet? One of the
enterprise (!starship) techs suggested that the linux kernel would not
allow a packet to be sent out with a source IP of 127.0.0.1.
Will.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list