Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 7 Sep 2003 15:23:55 +0200
From:      "Guilmot Mike" <malenki@pandora.be>
To:        "Alex Zivenko" <twistfire@rambler.ru>, <freebsd-questions@freebsd.org>
Subject:   Re: Spoofing, defense?
Message-ID:  <002201c37543$49d01c60$0100a8c0@guilmot2cimcs9>
References:  <004001c37540$cdf13680$0400a8c0@fire>

next in thread | previous in thread | raw e-mail | index | archive | help
Alex Zivenko wrote:
> Everybody know what is spoofing.
> How can I protect my server from it? It's a router to the internet,
> but some of my friends spoof the address and go thrue the router.
> Firewall can't protect.  
> Any suggestions?

Follow an ipf howto/tutorial.
There are MANY of them around.

In my firewall I prevent it like:

# Anti-spoof, no loggin [ I hate reading them ;-) ]

block in quick on rl0 from 192.168.0.0/16 to any #RFC 1918 private IP

block in quick on rl0 from 172.16.0.0/12 to any #RFC 1918 private IP

block in quick on rl0 from 10.0.0.0/8 to any #RFC 1918 private IP

block in quick on rl0 from 127.0.0.0/8 to any #loopback

block in quick on rl0 from 0.0.0.0/8 to any #loopback

block in quick on rl0 from 169.254.0.0/16 to any #DHCP auto-config

block in quick on rl0 from 192.0.2.0/24 to any #reserved for doc's

block in quick on rl0 from 204.152.64.0/23 to any #Sun cluster interconnect

block in quick on rl0 from 224.0.0.0/3 to any #Class D & E multicast



Hope this was what you meant ...


Kind regards,

Guilmot Mike



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002201c37543$49d01c60$0100a8c0>