in comp.security.unix i read:
>How do today's UNIX systems' IP stacks react when receiving an IP packet
>on an interface (say ethernet or PPP) when the packet's originating IP
>address is the local interface's, i.e. the sender has faked the
>originating IP address to be the one of the receiving interface on the
>Do modern IP stacks automatically detect that the packet has been
>spoofed and discard it, or will it take explicit local firewall rules to
>get such a behavior?
irrespective of whether most hosts would dtrt (which i believe you will
find to be atypical) i'd suggest packet filters, at whatever appropriate
places, e.g., your border routers should not let anything in that has a
local ip address (nor anything out that doesn't), and should block martians
such as localhost (and perhaps even rfc1918 space) too. i wouldn't
necessarily trust packet filters solely on the host, though i'd use them
too, being more a belt and suspenders sort of person.
bringing you boring signatures for 17 years
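
The border-router policy suggested in the reply above, modelled as a decision function. This is an added example, not part of the original post; the site prefix 192.0.2.0/24, the function names and the sample packets are assumptions made for illustration.

```python
import ipaddress

# Assumption: the site's own address space (documentation prefix, constructed).
LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]

# Martians named in the post: localhost and, optionally, RFC 1918 space.
LOOPBACK = [ipaddress.ip_network("127.0.0.0/8")]
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def _in_any(addr, nets):
    return any(addr in net for net in nets)


def border_verdict(direction, src, block_rfc1918=True):
    """Return (action, reason) for a packet crossing the border router.

    direction: "in"  = arriving on the external interface,
               "out" = leaving through the external interface.
    """
    addr = ipaddress.ip_address(src)
    if direction == "in":
        # Nothing from outside may claim one of our own addresses.
        if _in_any(addr, LOCAL_NETS):
            return ("drop", "local source arriving from outside")
        if _in_any(addr, LOOPBACK):
            return ("drop", "martian: loopback source")
        if block_rfc1918 and _in_any(addr, RFC1918):
            return ("drop", "martian: rfc1918 source")
        return ("accept", "plausible external source")
    if direction == "out":
        # Nothing may leave unless it carries one of our own addresses.
        if not _in_any(addr, LOCAL_NETS):
            return ("drop", "non-local source leaving the site")
        return ("accept", "local source")
    raise ValueError("direction must be 'in' or 'out'")


# Constructed sample packets: (direction, source address).
SAMPLES = [("in", "192.0.2.10"), ("in", "127.0.0.1"), ("in", "10.1.2.3"),
           ("in", "198.51.100.7"), ("out", "192.0.2.10"), ("out", "198.51.100.7")]

if __name__ == "__main__":
    for direction, src in SAMPLES:
        print(direction, src, *border_verdict(direction, src))
```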