IP Spoofing

One method of attempting to gain access to a restricted area of the network is to insert a bogus source address in the packet header to make the packet appear to come from a trusted source. This technique is called IP spoofing. The mechanism to detect IP spoofing relies on route table entries. For example, if a packet with source IP address 10.1.1.6 arrives at port Eth3, but JUNOS software has a route to 10.1.1.0/24 through port Eth1, checking for IP spoofing discovers that this address arrived at an invalid interface as defined in the route table. A valid packet from 10.1.1.6 can only arrive via Eth1, not Eth3. Therefore, JUNOS software concludes that the packet has a spoofed source IP address and discards it.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.