Defense Against Spoofing Attacks
Packet filtering is one defense against IP spoofing attacks. The gateway to a network usually performs ingress filtering, which is blocking of packets from outside the network with a source address inside the network. This prevents an outside attacker spoofing the address of an internal machine. Ideally the gateway would also perform egress filtering on outgoing packets, which is blocking of packets from inside the network with a source address that is not inside. This prevents an attacker within the network performing filtering from launching IP spoofing attacks against external machines.
It is also recommended to design network protocols and services so that they do not rely on the IP source address for authentication.
Read more about this topic: IP Address Spoofing
Famous quotes containing the words defense and/or attacks:
“Unlike Boswell, whose Journals record a long and unrewarded search for a self, Johnson possessed a formidable one. His life in London—he arrived twenty-five years earlier than Boswell—turned out to be a long defense of the values of Augustan humanism against the pressures of other possibilities. In contrast to Boswell, Johnson possesses an identity not because he has gone in search of one, but because of his allegiance to a set of assumptions that he regards as objectively true.”
—Jeffrey Hart (b. 1930)
“Leadership does not always wear the harness of compromise. Once and again one of those great influences which we call a Cause arises in the midst of a nation. Men of strenuous minds and high ideals come forward.... The attacks they sustain are more cruel than the collision of arms.... Friends desert and despise them.... They stand alone and oftentimes are made bitter by their isolation.... They are doing nothing less than defy public opinion, and shall they convert it by blows. Yes.”
—Woodrow Wilson (1856–1924)