|
Posted by if on November 20, 2005, 9:38 am
If you were Registered and logged in, you could reply and use other advanced thread options
The firewall on my ADSL router sometimes reports stuff like the following:
Firewall:IP Spoofing detected,from 192.168.2.28 to 10.0.0.3
(my computer was on 10.0.0.3 at that point).
But is such an attack even a risk on an ADSL router? That is, if the
firewall had not been running, would an ADSL router actually allow WAN-side
traffic through to the LAN just because it claimed to be from an IP address
used by the LAN? It seems illogical that such a device could be fooled,
since WAN traffic is self-evidently WAN traffic regardless of the IP
address it presents to the router, since it arrives on a different physical
connection.
I have also heard people say that you should choose a non-obvious address
range for machines on your LAN to guard against spoofing (or attempts to
connect to specific LAN machines by guessing their IP address), but is
there really a risk here or is NAT routing immune to such subterfuges?
| 
XML site map