Re: IP address spoof

• To: etdrc@public.bta.net.cn
• Subject: Re: IP address spoof
• From: Brain21 <brain21@montag33.residence.gatech.edu>
• Date: Sun, 28 Apr 1996 21:38:25 -0400 (EDT)
• cc: www-security@ns2.rutgers.edu
• In-Reply-To: <199604270750.PAA09973@public.bta.net.cn>

On Sat, 27 Apr 1996 etdrc@public.bta.net.cn wrote:

>      Hi,Could you like to answer me a question?
>     I heared of IP address spoof many times.But I don't know what is IP 
> address spoof and how to detech it.I also want to know whether the  
> access-list added on my router can detech IP address spoof and protect my LAN.
>                 

IP address spoofing is when I pretend that I am one of your machines in 
an attempt to get another one of your machines to allow me access 
(showmounting, rlogins, etc.).  It's more complicated than that, but 
thats the gist of it.  Anyway, to stop it configure your gatewayrouter 
(the one that connects your LAN to the Net) to examine source addresses.  
If it sees a packet coming FROM the Internet pretending to be a machine that 
is ON YOUR LAN, then the packets should be logged and dropped.  Also, 
dont trust machines outside your LAN.  I fyou have UNIX boxes on your 
LAN, make sure things like .rhosts files are secure (IOW, no "+ +" 
entries, and no entries for machines that are NOT in your LAN).

Brain21

• IP address spoof
• From: etdrc@public.bta.net.cn

• Previous: Re: Restrictions group without ask for the password
• Next: unsuscribe
• Index(es):
  • Index
  • Thread