You are not logged in.
- Topics: Active | Unanswered
#1 2014-12-01 21:19:07
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,697
- Website
sshguard whitelist question and IP masquerade attack
I one runs sshguard whitelisting 192.168.1.0/24 (trusted internal LAN), is it possible for an attacker from an external IP to masquerade as a host on the internal 192.168.1.* IP range somehow?
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#2 2014-12-01 23:13:47
- Leonid.I
- Member
- From: Aethyr
- Registered: 2009-03-22
- Posts: 999
Re: sshguard whitelist question and IP masquerade attack
I one runs sshguard whitelisting 192.168.1.0/24 (trusted internal LAN), is it possible for an attacker from an external IP to masquerade as a host on the internal 192.168.1.* IP range somehow?
In short, yes -- by using a type of DNS rebind attack (that's how most routers get hacked AFAIU). Of course, they can also spoof an IP address in a packet header directly, but then they will have a hard time communicating with your server (they won't get a server reply).
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
Offline