Computer and Network Security Hacks,Tips and More
Firewall Security
Anti-spoofing configuration in Cisco routers and firewalls.
To configure Cisco router and firewalls for anti-spoofing we need to enable IP Unicast Reverse-path Forwaring(RPF) on the interface.
RPF feature when enabled will cause the router to check the source of the incoming packet against its routing table to determine if the packet is expected on that particular interface. If a packet with source belonging to the internal network is received on the outside interface for example, the packet will be dropped.
command syntax:
ip verify unicast reverse-path
The output of command ”sh ip traffic” will display packets dropped by anti-spoofing if this is enabled.
Related posts:
- Use SCP with Cisco routers and PIX/ASA firewalls to transfer files.
- Configuring Authentication Proxy on Cisco Routers.
- Firewall packet inspection and decision making process
- Cisco firewall error “No translation Group Found”
- Top 10 general firewall best practice guidelines.
Tags:
Categories
Latest in Security News
- Twitter To Reach 500 Million Users Any Minute Now? 2012/02
- Long life to Kelihos! 2012/02
- Chocolate Covered Exploit? 2012/02
- Injection code masquerades as Google Analytics 2012/02
- Buyers beware—of Olympic scams 2012/02
- 3-2-1 Wordpress vulnerability leads to possible new exploit kit 2012/01
- Trojan caught on camera shows CAPTCHA is still a security issue 2012/01
- Phoenix, Phoenix, I need help! 2012/01
- entrepreneur.com compromised with CrimePack 2012/01
- Search for Google Chrome leads to Compromised Chrome Plugin Forum 2012/01
© 2009 Information Security Tips. 
Discussion
No comments for “Anti-spoofing configuration in Cisco routers and firewalls.”
Post a comment