Re: Anti-Spoofing

To: tech-net%netbsd.org@localhost
Subject: Re: Anti-Spoofing
From: Edgar Fuß <ef%math.uni-bonn.de@localhost>
Date: Wed, 7 Sep 2011 13:01:05 +0200

IS> This might be because those are auto-routed via loopback, so they don't
IS> really hit the driver, if I recall correctly. 
Ah, that indeed seems to be the case.
Is that documented anywhere?

EF> Both broadast or multicast datagrams from me are seen twice by the filter.
IS> outgoing and incoming?
Yes.

EF> I still don't know what happens to fake packets from outside pretending
EF> to be sent ``by me''. I hope they will be seen by the filter.
IS> I think they will.
It's quite hard to test. The best I could get was to set up the address in 
question as an interface alias on another machine and then ping that 
interface's broadcast address from there.
Indeed, those datagrams where seen by the packet filter on the machine 
legitimally owning the IP faked by the other machine.

Follow-Ups:
- Re: Anti-Spoofing
  - From: Mouse

References:
- Anti-Spoofing
  - From: Edgar Fuß
- Re: Anti-Spoofing
  - From: is
- Re: Anti-Spoofing
  - From: Edgar Fuß
- Re: Anti-Spoofing
  - From: Edgar Fuß
- Re: Anti-Spoofing
  - From: Ignatios Souvatzis

Prev by Date: Re: Anti-Spoofing
Next by Date: Re: Anti-Spoofing
Previous by Thread: Re: Anti-Spoofing
Next by Thread: Re: Anti-Spoofing
Indexes:

Home | Main Index | Thread Index | Old Index