IP spoofing mitigation

Answered Question
Dec 24th, 2008

Where to configure ACL to deny any traffic from the external network that has a source address that should reside on internal network? Does that include assigned public IPs?


Where to filter any outbound traffic that does not have the source address of IPs for the network?


Network: ISP router <>perimeter router<>firewall plus DMZ<>LAN switch.

Correct Answer
JORGE RODRIGUEZ Thu, 12/25/2008 - 07:23

You can filter at your perimeter router ingress interface.


Reference this link

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a00801afc76.shtml




[edit]


By using an ACL at your perimeter router, using the link example above, you should have additional protection before an attacker even hits the firewall.


The firewall has anti-spoofing functionality; you should still reference this other link.


http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml#spoof


Regards


Rate any helpful posts
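
An added example (not from the original thread or the linked Cisco documents) of the perimeter-router filtering discussed above, in Cisco IOS syntax with one ASA command at the end. The interface names, the ACL names and 203.0.113.0/24 standing in for the assigned public block are assumptions.

```cisco
! --- Perimeter router: inbound on the ISP-facing interface ---
! Drop packets arriving from outside whose source could only be
! legitimate on the inside, or is never valid as a source at all.
ip access-list extended ANTISPOOF-IN
 remark sources that are never valid on the Internet
 deny   ip 0.0.0.0 0.255.255.255 any
 deny   ip 127.0.0.0 0.255.255.255 any
 deny   ip 169.254.0.0 0.0.255.255 any
 deny   ip 224.0.0.0 15.255.255.255 any
 remark RFC 1918 private space
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip 172.16.0.0 0.15.255.255 any
 deny   ip 192.168.0.0 0.0.255.255 any
 remark own assigned public block (placeholder) seen from outside is spoofed
 deny   ip 203.0.113.0 0.0.0.255 any log
 remark remaining policy is enforced by the firewall behind this router
 permit ip any any
!
interface GigabitEthernet0/0
 description to ISP router (assumed interface name)
 ip access-group ANTISPOOF-IN in
!
! --- Perimeter router: inbound on the firewall-facing interface ---
! Traffic heading out must carry a source from the assigned block
! (assumes the firewall has already translated internal addresses).
ip access-list extended EGRESS-SOURCE
 permit ip 203.0.113.0 0.0.0.255 any
 deny   ip any any log
!
interface GigabitEthernet0/1
 description to firewall outside (assumed interface name)
 ip access-group EGRESS-SOURCE in
!
! --- Firewall (ASA): reverse-path check on the outside interface ---
! ip verify reverse-path interface outside
```

The `log` keyword on the deny entries gives a hit count and syslog record for spoofed sources; `show access-lists ANTISPOOF-IN` shows the per-entry counters.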

