Re: Land and Cisco question

• From: Dean Anderson
• Date: Mon Nov 24 20:11:02 1997

At 4:54 AM -0500 11/23/97, Alan Barrett wrote:
>Randy Bush said:
>> for each interface on a router
>>   block tcp which is both to and from that interface
>
>I don't think that's sufficient.  What about spoofed packets arriving via
>interface A, with IP source and destination both set to the address of
>interface B?

In this case the packets must eventually be transmitted via interface B and
Interface B transmit rules should take care of that.

		--Dean


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  [email protected]
           LAN/WAN/UNIX/NT/TCPIP          http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

• Follow-Ups:
  • Re: Land and Cisco question Greg A. Woods

• References:
  • Re: Land and Cisco question Randy Bush
  • Re: Land and Cisco question Alan Barrett

• Prev by Date: RE: Sprint problems
• Next by Date: Eugene Kashpureff's Defense Fund
• Date Index
• Thread Index
• Author Index
• Historical