Defense Against Spoofing Attacks
Packet filtering is one defense against IP spoofing attacks. The gateway to a network usually performs ingress filtering, which is blocking of packets from outside the network with a source address inside the network. This prevents an outside attacker spoofing the address of an internal machine. Ideally the gateway would also perform egress filtering on outgoing packets, which is blocking of packets from inside the network with a source address that is not inside. This prevents an attacker within the network performing filtering from launching IP spoofing attacks against external machines.
It is also recommended to design network protocols and services so that they do not rely on the IP source address for authentication.
Read more about this topic: IP Address Spoofing
Famous quotes containing the words defense against, defense and/or attacks:
“The aims of life are the best defense against death.”
—Primo Levi (1919–1987)
“If violence is wrong in America, violence is wrong abroad. If it is wrong to be violent defending black women and black children and black babies and black men, then it is wrong for America to draft us, and make us violent abroad in defense of her. And if it is right for America to draft us, and teach us how to be violent in defense of her, then it is right for you and me to do whatever is necessary to defend our own people right here in this country.”
—Malcolm X (1925–1965)
“We are seeing an increasing level of attacks on the “selfishness” of women. There are allegations that all kinds of social ills, from runaway children to the neglected elderly, are due to the fact that women have left their “rightful” place in the home. Such arguments are simplistic and wrongheaded but women are especially vulnerable to the accusation that if society has problems, it’s because women aren’t nurturing enough.”
—Grace Baruch (20th century)