Hi, Anti-spoofing is required because an attacker may spoof the packets and send it to your firewall by some means with the source IP Address as one of your Internal(LAN) Valid IP address. If this is the case and your firewall is NOT configured for handling such spoofed packets, the Malicious packet will enter your network and cause havoc.
Basics of Firewall - Configure Anti-spoofing on all interfaces of your Enforcement Modules. You configure NAT (Dynamic or Static) so that the external hacker doesnt come to know about ur Internal LAN IP address information/scheme and sending SPOOFED packets for an unknown network would really become a tedious/impossible job for him. Anti-Spoofing or NATting alone doesnt protects your network from attacks, there are several other things alongwith which these 2 should be configured. Regards Rajveer > -----Original Message----- > From: [EMAIL PROTECTED] > [SMTP:[EMAIL PROTECTED] > Sent: Wednesday, January 14, 2004 3:25 PM > To: [EMAIL PROTECTED] > Subject: [FW-1] IP Spoofing Question > > Quick question about IP spoofing. > > If an organisation uses rfc1918 IP addresses, why would it be still > necessary to implement IP spoofing on the firewall. > As far as I know ISP do not route rfc1918 traffic, therefore the > organisation should not be vulnerable to attacks. or am I missing > something ??? > > If someone has knows of any good articles it would also help, especially > something that can be tried out in a test lab. > > > > > This E-mail transmission may contain confidential or legally privileged > information that is intended for the addressee only. > E-mail communications are not necessarily secure and may be intercepted or > altered after they are sent. Norwich Union International does not accept > liability for any such alterations. Any views or opinions presented are > solely those of the author and do not necessarily represent those of > Norwich Union International. If you are not the intended recipient, you > are hereby notified that any disclosure, copying, distribution or reliance > upon the contents of this E-mail is strictly prohibited. If you have > received this E-mail transmission in error, please notify the sender > immediately, so that Norwich Union International may arrange for its > proper delivery. Please then delete the message from your inbox. While > steps have been taken to prevent computer viruses, we cannot guarantee > that attachments are virus free and we would therefore advise that you > make further checks as Norwich Union International are not liable to third > parties for any damages resulting. > > Norwich Union International Limited is supervised by the Regulatory > Authorities of the Republic of Ireland. > > Norwich Union International Limited 6 Georges Dock International Financial > Services Centre Dublin 1 Republic of Ireland Registered No 303257 > Telephone + 353 1 802 8494 Fax + 353 1 802 8400 > www.nuinternational.com > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
