How Can I Protect Against Ip Spoofing Attacks - ZyXEL Communications Prestige 2802HW(L)-IX Support Notes

How can I protect against IP spoofing attacks?

The Prestige's firewall will automatically detect the IP spoofing and drop it if the firewall is turned on. If the
firewall is not turned on we can configure a filter set to block the IP spoofing attacks. The basic scheme is as
follows:
For the input data filter:
•
Deny packets from the outside that claim to be from the inside
•
Allow everything that is not spoofing us
Filter rule setup:
•
Filter type =TCP/IP Filter Rule
• Active =Yes
• Source IP Addr =a.b.c.d
•
Source IP Mask =w.x.y.z
•
Action Matched =Drop
•
Action Not Matched =Forward
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask:
For the output data filters:
• Deny bounceback packet
•
Allow packets that originate from us
Filter rule setup:
•
Filter Type =TCP/IP Filter Rule
•
Active =Yes
•
Destination IP Addr =a.b.c.d
•
Destination IP Mask =w.x.y.z
•
Action Matched =Drop
• Action No Matched =Forward
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.
All contents copyright (c) 2007 ZyXEL Communications Corporation.
Prestige 2802HW(L)-Ix Support Notes
141