[Gllug] iptables - a quick question
Stig Brautaset
stigbrau at start.no
Thu Nov 29 19:19:48 UTC 2001
* will <will at hellacool.co.uk> spake thus:
> itsbruce at uklinux.net wrote:
>
> >You are, of course, setting firewall rules to detect incoming packets
> >with spoofed local addresses.
>
> How is this possible? How do you detect a spoofed IP?
Note, spoofed *local* addresses. I.e. 192.168.x.x, 10.x.x.x etc. (IIRC,
don't shoot me if I'm wrong). Also, if you get any packets from the
outside claiming to be coming from an ip-address you know exists on the
*inside* of your firewall, I imagine you can be pretty sure it is
spoofed.
Regards,
Stig
--
brautaset.org
Registered Linux User 107343
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list