[Dshield] Spoofing Source Address Verification XP

Matt Weil weilmr at slu.edu
Fri Nov 23 18:46:14 GMT 2001


With win XP's arrival.. The ability to spoof of the source address is
apparently very easy accomplished  http://grc.com/dos/xplaughter.htm.
In fact I am wandering why MS did not include a GUI to make this
happen...

I am curious as to how people are verifying there sources and what ISP's
are doing to verify them as well..
    if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]; then
        for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
            echo 1 > $f
        done
    fi
http://www.cisco.com/univercd/cc/td/doc/product/software/ios111/cc111/uni_rpf.htm

Do some of the most common DSL/Cable routers with built in fire walls
protect against this??

Also are there any free legit tools out there to test for this both on
the ISP's side and test personal firewalls???





More information about the list mailing list