Mike Dornberger <[EMAIL PROTECTED]> wrote: >> > If I set up my firewall to accept only my local network (eg. >> > -s 192.168.0.0/255.255.255.0) connecting to a port (eg. smtp), then >> > anyone can spoof that too. So what's the point of creating rules? :) > > even if one can spoof the IP, he (= the attacker) can't do very much more > (assuming, he can't read local traffic), at least with TCP connection.
And he needs to get around the ingress spoof filter. You of course dont accept ip packets with the internal addresses on the external interface. Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
