Darksat IT Security Forums
August 08, 2020, 10:44:54 pm
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Darksat IT Security Forum
From Firewall Support, AntiVirus Questions, Spyware problems, Linux and Windows Security, Black Hat SEO right down to Website Design and Multimedia
  Home Help Search Gallery Links Staff List Login Register  

Source Routing and spoofing source addresses

Pages: [1]
Author Topic: Source Routing and spoofing source addresses  (Read 889 times)
Posts: 3303

View Profile WWW
« on: August 25, 2006, 06:48:10 am »

Bypassing firewalls with loose source routing is a rather effective way of bypassing security used by many hackers / crackers
Essentially the Ip address protocoll allows you to specify a specific hop on the way to or from a destination address.

eg send packet to Anthony from Mike but go via Bob's machine.
so for example if hacker X knows that access to a specific resource is limited to IP addresses inside a network he can spoff an IP address inside the network but use loose source routing to route the packet to his machine outside in order to gain access.

Many system admins still have loose source routing enabled in order for them to be able to check wheather specific machines on the network are up and running and are passing on requests, the problem often is that the firewalls will allow external packets through that claim to be originating from an internal machine.
The best defense against this is to set your firewall to reject any packets with loose source trace routing enabled.
Often however this technique is used to gain access to webservers which are normally facing the internat with no firewall.
eg, the attacker will spoof the ip with loose source routing enabled back to his machine in the hopes of gaining access to the server.
So if you are running a webserver it is very important to make sure that you are protected against these types of attacks.

Report Spam   Logged

Share on Facebook Share on Twitter

Pages: [1]
Jump to:  

Powered by EzPortal
eXTReMe Tracker
Security Forum
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum

Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.031 seconds with 14 queries.