Re: Anti-Spoofing

To: tech-net%netbsd.org@localhost
Subject: Re: Anti-Spoofing
From: Ignatios Souvatzis <ignatios%cs.uni-bonn.de@localhost>
Date: Wed, 7 Sep 2011 08:22:14 +0200

On Mon, Sep 05, 2011 at 06:55:13PM +0200, Edgar Fuß wrote:
> So to answer my own questions: At least on 3.1 (which was the easiest for me 
> to test on):
> 
> 1. The filter doesn't see unicast datagrams from me to me at all.

This might be because those are auto-routed via loopback, so they don't
really hit the driver, if I recall correctly. 

> 2. Both broadast or multicast datagrams from me are seen twice by the filter.

outgoing and incoming?

> 3. It works to use ``keep state'' with them.
> 
> I still don't know what happens to fake packets from outside
> pretending to be sent ``by me''. I hope they will be seen by the
> filter.

I think they will.

        -is

Follow-Ups:
- Re: Anti-Spoofing
  - From: Edgar Fuß

References:
- Anti-Spoofing
  - From: Edgar Fuß
- Re: Anti-Spoofing
  - From: is
- Re: Anti-Spoofing
  - From: Edgar Fuß
- Re: Anti-Spoofing
  - From: Edgar Fuß

Prev by Date: Re: Anti-Spoofing
Next by Date: Re: Anti-Spoofing
Previous by Thread: Re: Anti-Spoofing
Next by Thread: Re: Anti-Spoofing
Indexes:

Home | Main Index | Thread Index | Old Index