network security news, articles, tools, links...
Dropped here by your search engine? Use the same keyword in the google box below to search this site.
This article explains the widely underestimated security impact of the current lack of anti-spoofing measures on the Internet.
The Internet Protocol (IP) basically works with small portions of data called datagrams that contain a small header that is used for address information. This header contains two addresses:
* The destination address.
* The source address.
The first address determines where the datagram should go. The second address tells the destination where the datagram originated. In the handling of this second address there lies a problem.
Part of the merits of the IP protocol come from the fact that it is connection less, and that routers make routing actions based on destination address without any influence by the source address. This works fine on the parts of the Internet that are designed for redundancy, where filtering would in many cases be impossible, but unfortunately this way of working is deadly when used outside of the major backbone networks.
Network administrators have the choice to do source based IP filtering on their routers with so called anti-spoofing filters. Unfortunately much of the network administrators do not. Further, network hardware and OS manufacturers have the choice to make 'anti-spoofing' the default operation for their products, unfortunately non of them seem to take their responsibility on that either. It is this combination of reluctance and ignorance that is the indirect course of the fast majority of security problems on the Internet.
This article I tries to explain the full extend of the spoofing problems on Internet security, and the methods that should be taken by responsible administrators and manufacturers. Why spoofing is the number one security problem on the Internet, and how we should fight it
| Why spoofing is the number one security problem on the Internet, and how we should fight it |
The Internet Protocol (IP) basically works with small portions of data called datagrams that contain a small header that is used for address information. This header contains two addresses:
* The destination address.
* The source address.
The first address determines where the datagram should go. The second address tells the destination where the datagram originated. In the handling of this second address there lies a problem.
Part of the merits of the IP protocol come from the fact that it is connection less, and that routers make routing actions based on destination address without any influence by the source address. This works fine on the parts of the Internet that are designed for redundancy, where filtering would in many cases be impossible, but unfortunately this way of working is deadly when used outside of the major backbone networks.
Network administrators have the choice to do source based IP filtering on their routers with so called anti-spoofing filters. Unfortunately much of the network administrators do not. Further, network hardware and OS manufacturers have the choice to make 'anti-spoofing' the default operation for their products, unfortunately non of them seem to take their responsibility on that either. It is this combination of reluctance and ignorance that is the indirect course of the fast majority of security problems on the Internet.
This article I tries to explain the full extend of the spoofing problems on Internet security, and the methods that should be taken by responsible administrators and manufacturers. Why spoofing is the number one security problem on the Internet, and how we should fight it
More News
- Apple releases another mega-patch for Mac OS X
- Security flaw in smart cards poses risk for transit, building access
- Free TrojanProof Password Tool Released for Windows
- Security scans with OpenVAS
- Do ISPs pose a bigger online privacy threat than Google
- HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
- Anatomy of a botnet
- Microsoft patches 8 critical bugs in Windows, Office
- Virtualization users should expect more attacks
- Threat From DNS Bug Is not Over, Experts Say
- Website infection rate triples
- How to Use Honeypots to Improve Your Network Security
- Microsoft Patch Tuesday Targets 26 Application Flaws
- SSL VPNs might not be as secure as you think
- 8 tips to filter spam effectively
- Onus on IP address owner to prove innocence
- How to install an SSH Server in Windows Server 2008.
- Several vulnerabilities closed in the Linux kernel
- 8 Best Practices for Encryption Key Management and Data Security
- Free Honeypot Client Could Sting Malware
You are browsing the old version of "The Network Security. Org", Please
click here to visit the
new version.
Categories
Web Security
Basic Security
Network Tools
Archived Articles
Wireless Security
Networking Basics
Disaster Recovery
Enterprise Security
Intrusion Detection
More Archived Articles
Exploits & Vulnerabilities
Viruses & other Malware
Basic Security
Network Tools
Archived Articles
Wireless Security
Networking Basics
Disaster Recovery
Enterprise Security
Intrusion Detection
More Archived Articles
Exploits & Vulnerabilities
Viruses & other Malware
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main(ad_network_213.php) [function.main]: failed to open stream: No such file or directory in /home/thenetw/public_html/news/View.php on line 282
Warning: main() [function.include]: Failed opening 'ad_network_213.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php:../:../../:../../../:../../../../') in /home/thenetw/public_html/news/View.php on line 282