To prevent IP spoofing attacks, a firewall should be configured to drop a packet if:

Last Updated on December 27, 2021 by Admin 3

  • the source routing field is enabled.
  • it has a broadcast address in the destination field.
  • a reset flag (RST) is turned on for the TCP connection.
  • dynamic routing is used instead of static routing.

Explanation:
IP spoofing takes advantage of the source-routing option in the IP protocol. With this option enabled, an attacker can insert a spoofed source IP address. The packet will travel the network according to the information within the source-routing field, bypassing the logic in each router, including dynamic and static routing (choice D). Choices B and C do not have any relation to IP spoofing attacks. If a packet has a broadcast destination address (choice B), it will be sent to all addresses in the subnet. Turning on the reset flag (RST) (choice C) is part of the normal procedure to end a TCP connection.