Options
Anti-spoofing in same network segment
ankda
Registered Users Posts: 2 ■□□□□□□□□□
Hi All,
Please help me to understand anti-spoofing on checkpoint in same network segment. For example:- I have two hosts ( Host 1:- 10.0.0.1/24 & Host 2:- 10.0.0.2/24) both resides on internal side. My firewall internal port IP is 10.0.0.254/24. Now if host 2 spoofed host 1 IP address and send traffic towards outside. How anti-spoofing will work in this case and how firewall will detect this.
Thanks.
Please help me to understand anti-spoofing on checkpoint in same network segment. For example:- I have two hosts ( Host 1:- 10.0.0.1/24 & Host 2:- 10.0.0.2/24) both resides on internal side. My firewall internal port IP is 10.0.0.254/24. Now if host 2 spoofed host 1 IP address and send traffic towards outside. How anti-spoofing will work in this case and how firewall will detect this.
Thanks.
Comments
-
OptionsTechGuru80
Member Posts: 1,539 ■■■■■■□□□□
Here is a good explanation of what Anti-Spoofing means: Anti-Spoofing | Check Point CCSA Exam Cram: Defining Security Policy with SmartDashboard | Pearson IT Certification
Cisco has this type of feature too...basically the attacker is on the outside trying to "spoof" their ip to an internal trusted address, but when the firewall sees an internal trusted IP address is coming from an untrusted or external network the traffic will be stopped.