Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Custom Search







Table Of Contents  CertiGuide to Security+
 9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)
      9  1.4  Attacks
           9  1.4.3  Spoofing

Previous Topic/Section
Types of Spoofing
Previous Page
Pages in Current Topic/Section
1
Next Page
1.4.4  Man in the Middle
Next Topic/Section

How Can We Protect Our Network From Spoofing?

To help prevent against spoofing attacks being successful on your own network, set up a router filter that does not allow outside packets whose source address is set to a host in one of your internal networks, into your network. This will catch most (some?) spoofing attempts originating outside your network, directed toward your network. It will not catch attempts made from inside your network (spoofing the address of another internal host, perhaps in an attempt to gain privileges), or attempts made against a third party’s network in which your network is listed as the origin of the attack in the source IP address.

Additionally, you should also filter outbound packets, ensuring that no packets with a source IP address that is not within your network are allowed to leave it – a malicious user is likely spoofing such packets. (If everyone did this, the spoofing problem would largely disappear. The fact that spoofing is still an issue clearly demonstrates that, amazingly, years after spoofing first became a common occurrence, not everyone has gotten around to this yet.)

No Spoofing

Do you have rules on your Internet gateway router to prevent spoofed traffic going in or out? If not, research how to add such rules on your particular equipment, and then do so. As with any network configuration modification, test this after hours before implementing it on your network – and be ready to reverse it at a moment’s notice if all of a sudden the CTO calls you asking why his network analysis program (which for some reason known only to deities tweaks source or destination IP address inappropriately) stopped working.



Previous Topic/Section
Types of Spoofing
Previous Page
Pages in Current Topic/Section
1
Next Page
1.4.4  Man in the Middle
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $



Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.