[Gllug] iptables - a quick question

tet at accucard.com
Thu Nov 29 13:01:25 UTC 2001


>I only have one nic as the PC is my workstation.

An extra network card costs less than a tenner...

>Is it possible to spoof an IP as 127.0.0.1, or localhost across the
>Internet? One of the enterprise (!starship) techs suggested that the
>linux kernel would not allow a packet to be sent out with a source IP
>of 127.0.0.1.

1. The rest of the world doesn't all use Linux
2. Even if it was true (and I haven't checked), the kernel source is
   easily modified to remove such a restriction...

As far as I'm aware, yes, a packet with a 127.0.0.1 source address will
probably route fine across the internet. I doubt many routers will even
look at the source address unless explicitly configured to do so.

Note that in addition to 127.0.0.1, you should consider all RFC1918
addresses that you're not using to be spoofed. Thus if your network uses
192.168.1.0/24, then packets from 10.0.0.0/8 are bogus, as are packets
from other 192.168 subnets.

Tet

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
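
The source-address filtering described in the message above, as an added example that is not part of the original post: a shell function that prints iptables commands dropping packets that claim a loopback or unused RFC 1918 source. The chain name ANTISPOOF and the 192.168.1.0/24 LAN are assumptions; the script only prints the commands, so review them before running them as root.

```shell
#!/bin/sh
# Added example: print iptables commands that drop spoofed source addresses
# arriving on any non-loopback interface. Nothing is applied by this script.
# Assumption: the chain name ANTISPOOF is made up for this example.
CHAIN=ANTISPOOF

# is_cidr ADDR/LEN -> succeeds only for a well-formed IPv4 CIDR.
is_cidr() {
    case "$1" in
        */*) ;;
        *) return 1 ;;
    esac
    addr=${1%/*}; len=${1#*/}
    case "$len" in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    oldifs=$IFS; IFS=.
    set -- $addr            # split the address into octets
    IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# antispoof_rules LAN_CIDR -> prints one iptables command per line.
antispoof_rules() {
    lan=$1
    is_cidr "$lan" || { echo "bad LAN CIDR: $lan" >&2; return 1; }
    echo "iptables -N $CHAIN"
    # Our own LAN is the only private range that may legitimately appear,
    # so it leaves the chain before the DROP rules are reached.
    echo "iptables -A $CHAIN -s $lan -j RETURN"
    # Loopback and every other RFC 1918 source is treated as spoofed,
    # including the other 192.168 subnets.
    for net in 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        echo "iptables -A $CHAIN -s $net -j DROP"
    done
    # Real loopback traffic arrives on lo and is never sent to the chain.
    echo "iptables -I INPUT 1 ! -i lo -j $CHAIN"
}

# Constructed sample: the 192.168.1.0/24 network used in the message.
antispoof_rules 192.168.1.0/24
```

Rule order matters here: the RETURN for the local subnet must come before the 192.168.0.0/16 DROP, otherwise legitimate LAN traffic is discarded along with the bogus ranges.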



