IP spoofing
IP spoofing is when an attacker masquerades his or her machine as a host on the target's network (fooling a target machine that packets are coming from a trusted machine on the target's internal network). Policy regarding packet routing has to be clearly written so that they will be handled accordingly if there is a security problem. It is necessary that authentication based on source address be combined with other security schemes to protect against IP spoofing attacks.
Tip: For example, if you have a Netopia router (and have five static IP addresses assigned to your account) and you have it set up with an IP range (no machine on the internal network has an IP address in your block), the Netopia router should be able to discern whether an IP address is being spoofed simply by blocking anything that comes in with a static IP address in its range. This isn't very useful if you need your static IP addresses, but it is, in a sense, spoofing prevention.
In this tutorial:
- Firewall Security Policy
- Firewall protection
- Firewall architectures
- Multi-homed host
- Screened host
- Screened subnet
- Types of firewalls
- Packet-filtering gateways
- Application gateways
- Hybrid or complex gateways
- Routing versus forwarding
- IP spoofing
- DNS and mail resolution
- Intranet
- Network trust relationships
- Virtual private networks
- Qualification of the firewall administrator
- Remote firewall administration
- Firewall backup
- System integrity
- Physical firewall security
- Firewall incident handling
- Upgrading the firewall
- Revision/update of firewall policy
- Examples of service-specific policies