On Wednesday 05 November 2003 7:31 pm, Leandro Takashi Hirano wrote:

> Thanks for the port scanner help....
>
> Now I would like to know about the IP Spoofing rule, how does it work?
>
> - iptables -A INPUT -s 192.168.1.0/24 -i ! eth0 -j DROP

Any packet with a source address in the Class C range 192.168.1.x which does not come from eth0 will be DROPped.

> - iptables -A INPUT ! -s 192.168.1.0/24 -i eth0 -j DROP

Any packet which comes from eth0 and has a source address other than the Class C 192.168.1.x will be DROPped.

> I don't know how it can block an IP spoofing attack...

These rules assume that eth0 is your internal network, and your internal network range is 192.168.1.0/24.

No packets with your own source address should come from outside (rule 1) and all packets from inside should have your own source address (rule 2).

Therefore these two rules stop people on the outside pretending that they live on your network, and people on the inside pretending that they don't.

Antony.

--
In Heaven, the police are British, the chefs are Italian, the beer is Belgian, the mechanics are German, the lovers are French, the entertainment is American, and everything is organised by the Swiss.

In Hell, the police are German, the chefs are British, the beer is American, the mechanics are French, the lovers are Swiss, the entertainment is Belgian, and everything is organised by the Italians.

Please reply to the list; please don't CC me.
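The matching logic of the two rules discussed above, modelled in Python as an added example that is not part of the original message. The external interface name eth1, the firewall address 192.168.1.1 and the outside address 203.0.113.9 are assumptions, and all sample packets are constructed.

```python
from ipaddress import ip_address, ip_network

# The two rules from the message, modelled as
# (source network, negate source match, input interface, negate interface match).
RULES = [
    ("192.168.1.0/24", False, "eth0", True),   # -s 192.168.1.0/24 -i ! eth0 -j DROP
    ("192.168.1.0/24", True,  "eth0", False),  # ! -s 192.168.1.0/24 -i eth0 -j DROP
]

def verdict(src, in_iface, rules=RULES):
    """Return ("DROP", rule number) for the first matching rule.

    ("CONTINUE", None) means neither anti-spoofing rule matched and the
    packet goes on to whatever rules or chain policy follow.
    """
    for number, (net, neg_src, iface, neg_if) in enumerate(rules, start=1):
        src_match = (ip_address(src) in ip_network(net)) != neg_src
        if_match = (in_iface == iface) != neg_if
        if src_match and if_match:
            return ("DROP", number)
    return ("CONTINUE", None)

# Constructed sample packets: (source address, input interface, description).
SAMPLES = [
    ("192.168.1.20", "eth0", "inside host using its real address"),
    ("192.168.1.20", "eth1", "outside host claiming an inside address"),
    ("203.0.113.9",  "eth0", "inside host claiming an outside address"),
    ("203.0.113.9",  "eth1", "outside host using its real address"),
    # Traffic the firewall sends to its own inside address arrives on lo,
    # which is "not eth0", so rule 1 matches it as well.
    ("192.168.1.1",  "lo",   "firewall talking to its own inside address"),
]

def evaluate(samples=SAMPLES):
    """Return (src, iface, action, rule) for each constructed packet."""
    return [(src, iface, *verdict(src, iface)) for src, iface, _ in samples]

if __name__ == "__main__":
    for (src, iface, note), (_, _, action, rule) in zip(SAMPLES, evaluate()):
        by = f" by rule {rule}" if rule else ""
        print(f"{src:<13} in={iface:<4} {action}{by:<10} {note}")
```

The last sample shows that, with only these two rules in INPUT, rule 1 also matches traffic on the loopback interface carrying the firewall's own 192.168.1.x address; a preceding rule accepting input on lo avoids that.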