D-Link DFL-2500 User Guide - Page 142
Access Anti-spoofing
Chapter 15: Access (Anti-spoofing)

15.1 Overview

The primary function of any firewall is to control access to protected data resources, so that only authorized connections are allowed. Access control is primarily addressed in the firewall's IP rules (introduced in 14. IP Rules). According to these rules, the firewall treats a range of protected LAN addresses as trusted hosts and restricts traffic flowing from the untrusted Internet into the trusted area, and also in the other direction.

One underlying flaw of this trust-based control is that it tends to neglect the potential hazard posed by masquerading. A clever attacker can fool the firewall by assuming the identity of a trusted host; this is the technique known as spoofing.

15.1.1 IP Spoofing

IP spoofing is one of the most common masquerading attacks, in which the attacker uses IP addresses trusted by the firewall to bypass traffic filtering. The source address field in the IP header of a packet can easily be modified to a local host's address, so that the firewall believes the request came from a trusted source. Although a response to such a packet cannot reach the original sender, there is potential for unnecessary network congestion and denial of service (DoS)
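
The check that defeats the masquerade described above compares a packet's claimed source address with the interface it actually arrived on. The following sketch is an added example, not taken from the manual and not D-Link's implementation; the interface names "lan" and "wan", the 192.168.1.0/24 range and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Assumed topology (hypothetical names and ranges, not from the manual):
# one trusted LAN behind interface "lan"; the Internet behind "wan".
TRUSTED = {"lan": [ipaddress.ip_network("192.168.1.0/24")]}
UNTRUSTED_IFACES = {"wan"}


def check_source(iface, src):
    """Return (verdict, reason) for a packet's claimed source address."""
    addr = ipaddress.ip_address(src)
    # Which trusted interface, if any, owns this source address?
    owner = next((name for name, nets in TRUSTED.items()
                  if any(addr in net for net in nets)), None)
    if iface in UNTRUSTED_IFACES:
        if owner is not None:
            # A trusted address can never legitimately arrive from outside.
            return "drop", f"source {src} belongs to {owner} but arrived on {iface}"
        return "accept", "external source on external interface"
    if iface in TRUSTED:
        if owner == iface:
            return "accept", "trusted source on its own interface"
        return "drop", f"source {src} is not expected on {iface}"
    return "drop", f"unknown interface {iface}"


# Constructed sample packets: (receiving interface, source IP, destination IP)
SAMPLE = [
    ("lan", "192.168.1.10", "203.0.113.5"),
    ("wan", "198.51.100.7", "192.168.1.20"),
    ("wan", "192.168.1.10", "192.168.1.20"),  # LAN source arriving from outside
    ("lan", "10.9.9.9", "203.0.113.5"),       # foreign source on the LAN side
]


def evaluate(packets):
    """Return only the verdicts, in order, for a list of sample packets."""
    return [check_source(iface, src)[0] for iface, src, _dst in packets]


if __name__ == "__main__":
    for iface, src, dst in SAMPLE:
        verdict, reason = check_source(iface, src)
        print(f"{iface:3} {src:>15} -> {dst:<15} {verdict:6} {reason}")
```

The third sample packet would pass a filter that trusts the source address alone; it is dropped here only because the receiving interface is part of the decision.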