[asterisk-biz] IP Spoofing - Brute Force Attack Prevention
Andrew Latham
lathama at gmail.com
Fri Feb 5 15:16:02 CST 2010
It is possible to test for spoofing. Testing has a high cost for the
resources involved. Some of the first rules of any filter is to drop
the reserved public and private networks.
There exist another option for brute force attacks that involves
greping the log file for issues and automating blocking iptables
rules...
~
Andrew "lathama" Latham
lathama at gmail.com
* Learn more about OSS http://en.wikipedia.org/wiki/Open-source_software
* Learn more about Linux http://en.wikipedia.org/wiki/Linux
* Learn more about Tux http://en.wikipedia.org/wiki/Tux
On Fri, Feb 5, 2010 at 5:53 PM, Kevin P. Fleming <kpfleming at digium.com> wrote:
> Cyriaz at Gmail.com wrote:
>> Does it require to write firewall rules? how can I write a firewall rule
>> to block IP Spoofing
>
> It is not possible to block IP spoofing, except for IPs that exist on
> the inside of your firewall. If the source IP is outside your firewall,
> it is not possible to know whether it originated from the proper owner
> of that IP or whether it was spoofed.
>
> --
> Kevin P. Fleming
> Digium, Inc. | Director of Software Technologies
> 445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
> skype: kpfleming | jabber: kpfleming at digium.com
> Check us out at www.digium.com & www.asterisk.org
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-biz
>
More information about the asterisk-biz
mailing list