If your rfc addresses network accesses the Internet you are always open to spoofing. Remember routers will route on the destination IP address normally (unless there is policy routing applied) and therefore if you're network has public address say 199.x.x.x the ISP will route traffic to it regardless of the source address which can be spoofed. It is therefore good practice to have spoofing dectection enabled.
----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, January 14, 2004 9:55 AM Subject: [FW-1] IP Spoofing Question > Quick question about IP spoofing. > > If an organisation uses rfc1918 IP addresses, why would it be still > necessary to implement IP spoofing on the firewall. > As far as I know ISP do not route rfc1918 traffic, therefore the > organisation should not be vulnerable to attacks. or am I missing > something ??? > > If someone has knows of any good articles it would also help, especially > something that can be tried out in a test lab. > > > > > This E-mail transmission may contain confidential or legally privileged information that is intended for the addressee only. > E-mail communications are not necessarily secure and may be intercepted or altered after they are sent. Norwich Union International does not accept liability for any such alterations. Any views or opinions presented are solely those of the author and do not necessarily represent those of Norwich Union International. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or reliance upon the contents of this E-mail is strictly prohibited. If you have received this E-mail transmission in error, please notify the sender immediately, so that Norwich Union International may arrange for its proper delivery. Please then delete the message from your inbox. While steps have been taken to prevent computer viruses, we cannot guarantee that attachments are virus free and we would therefore advise that you make further checks as Norwich Union International are not liable to third parties for any damages resulting. > > Norwich Union International Limited is supervised by the Regulatory Authorities of the Republic of Ireland. > > Norwich Union International Limited 6 Georges Dock International Financial Services Centre Dublin 1 Republic of Ireland Registered No 303257 > Telephone + 353 1 802 8494 Fax + 353 1 802 8400 > www.nuinternational.com > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
