NetScreen having IP spoofing vulanerability with 127.x.x.x ?
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

NetScreen having IP spoofing vulanerability with 127.x.x.x ?

From: Oliver Habegger <oh@cpugs.org>
Date: Tue Aug 02 2005 - 16:04:54 CEST



Hi news group



We did an audit on a NetScreen which is port forwarding


the port 80 to an internal webserver and the audit said that


we got a IP spoofing problem here. I checked the interface


of the NetScreen but all are set to "IP spoofing protection".



The audit report mentions that the IP 127.0.0.1 got throught


so it looks like 127.x.x.x gets thought as valid source IP


address. This seams a bit strange to me, does NetScreen


not drop such source IPs by default?



Anyone having experiance with such a "feature" ?



TIA, Oliver



----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----


http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups


----= East and West-Coast Server Farms - Total Privacy via Encryption =----


Received on Thu Sep 29 20:00:10 2005