Prestige 2602HWNLI-D7A Support Notes

How can I protect against IP spoofing attacks?

The Prestige's firewall automatically detects IP spoofing and drops the spoofed packets when the firewall is turned on. If the firewall is not turned on, you can configure a filter set to block IP spoofing attacks. The basic scheme is as follows:

For the input data filter:

Deny packets from the outside that claim to be from the inside

Allow everything that is not spoofing us

Filter rule setup:

Filter Type = TCP/IP Filter Rule

Active = Yes

Source IP Addr = a.b.c.d

Source IP Mask = w.x.y.z

Action Matched = Drop

Action Not Matched = Forward

Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.

For the output data filters:

Deny bounceback packets

Allow packets that originate from us

Filter rule setup:

Filter Type = TCP/IP Filter Rule

Active = Yes

Destination IP Addr = a.b.c.d

Destination IP Mask = w.x.y.z

Action Matched = Drop

Action Not Matched = Forward

Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.
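
The following is an added example, not ZyXEL code or part of the original notes: a small Python model of the two filter rules above, run over constructed packets, including the case where a host mask is entered instead of the netmask. It assumes the usual address-and-mask comparison, that the rules are applied on the WAN side, and a LAN of 192.168.1.0 with netmask 255.255.255.0; all class, variable and function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

def _ip(text: str) -> int:
    return int(ipaddress.IPv4Address(text))

@dataclass(frozen=True)
class FilterRule:
    """Model of one TCP/IP filter rule from the notes above (not ZyNOS code)."""
    field: str                    # "src" or "dst": the address the rule tests
    addr: str                     # a.b.c.d, an address on the local network
    mask: str                     # w.x.y.z, the local netmask
    matched: str = "Drop"         # Action Matched
    not_matched: str = "Forward"  # Action Not Matched

    def evaluate(self, packet: dict) -> str:
        # Assumed semantics: match when both addresses agree under the mask.
        mask = _ip(self.mask)
        hit = (_ip(packet[self.field]) & mask) == (_ip(self.addr) & mask)
        return self.matched if hit else self.not_matched

# Constructed LAN for the example: 192.168.1.0 with netmask 255.255.255.0.
INPUT_RULE = FilterRule("src", "192.168.1.1", "255.255.255.0")
OUTPUT_RULE = FilterRule("dst", "192.168.1.1", "255.255.255.0")
# Misconfiguration: a host mask instead of the netmask covers one address only.
HOST_MASK_RULE = FilterRule("src", "192.168.1.1", "255.255.255.255")

# Constructed packets; 203.0.113.0/24 is a documentation range.
SPOOFED = {"src": "192.168.1.77", "dst": "192.168.1.10"}     # arrives from outside
LEGIT_IN = {"src": "203.0.113.5", "dst": "192.168.1.10"}
LEGIT_OUT = {"src": "192.168.1.10", "dst": "203.0.113.5"}
BOUNCEBACK = {"src": "192.168.1.10", "dst": "192.168.1.20"}  # leaving toward outside

def run_checks() -> dict:
    """Evaluate each constructed packet against the rule that would see it."""
    return {
        "input/spoofed": INPUT_RULE.evaluate(SPOOFED),
        "input/legitimate": INPUT_RULE.evaluate(LEGIT_IN),
        "output/legitimate": OUTPUT_RULE.evaluate(LEGIT_OUT),
        "output/bounceback": OUTPUT_RULE.evaluate(BOUNCEBACK),
        "input/spoofed, host mask": HOST_MASK_RULE.evaluate(SPOOFED),
    }

if __name__ == "__main__":
    for name, action in run_checks().items():
        print(f"{name:28s} {action}")
```

With the host mask, the spoofed packet is forwarded because only 192.168.1.1 itself matches the rule, which is why w.x.y.z must be the netmask of the whole local network.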


All contents copyright (c) 2007 ZyXEL Communications Corporation.
