From owner-freebsd-questions@FreeBSD.ORG Sun Sep 7 06:23:04 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7FF2316A4BF for ; Sun, 7 Sep 2003 06:23:04 -0700 (PDT) Received: from astra.telenet-ops.be (astra.telenet-ops.be [195.130.132.58]) by mx1.FreeBSD.org (Postfix) with ESMTP id 66FD343F85 for ; Sun, 7 Sep 2003 06:23:02 -0700 (PDT) (envelope-from malenki@pandora.be) Received: from localhost (localhost.localdomain [127.0.0.1]) by astra.telenet-ops.be (Postfix) with SMTP id 1B6B337F8E; Sun, 7 Sep 2003 15:23:01 +0200 (MEST) Received: from guilmot2cimcs9 (D57650F9.kabel.telenet.be [213.118.80.249]) by astra.telenet-ops.be (Postfix) with SMTP id E61C937EED; Sun, 7 Sep 2003 15:23:00 +0200 (MEST) Message-ID: <002201c37543$49d01c60$0100a8c0@guilmot2cimcs9> From: "Guilmot Mike" To: "Alex Zivenko" , References: <004001c37540$cdf13680$0400a8c0@fire> Date: Sun, 7 Sep 2003 15:23:55 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2727.1300 Subject: Re: Spoofing, defense? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Sep 2003 13:23:04 -0000 Alex Zivenko wrote: > Everybody know what is spoofing. > How can I protect my server from it? It's a router to the internet, > but some of my friends spoof the address and go thrue the router. > Firewall can't protect. > Any suggestions? Follow an ipf howto/tutorial. There are MANY of them around. In my firewall I prevent it like: # Anti-spoof, no loggin [ I hate reading them ;-) ] block in quick on rl0 from 192.168.0.0/16 to any #RFC 1918 private IP block in quick on rl0 from 172.16.0.0/12 to any #RFC 1918 private IP block in quick on rl0 from 10.0.0.0/8 to any #RFC 1918 private IP block in quick on rl0 from 127.0.0.0/8 to any #loopback block in quick on rl0 from 0.0.0.0/8 to any #loopback block in quick on rl0 from 169.254.0.0/16 to any #DHCP auto-config block in quick on rl0 from 192.0.2.0/24 to any #reserved for doc's block in quick on rl0 from 204.152.64.0/23 to any #Sun cluster interconnect block in quick on rl0 from 224.0.0.0/3 to any #Class D & E multicast Hope this was what you meant ... Kind regards, Guilmot Mike