
Loose RPF vs Strict uRPF



The concept behind loose and strict uRPF (Unicast Reverse Path Forwarding) is simple: before forwarding a packet to its destination, the router checks whether the routing table has a route back to the source. If it does not, the packet is dropped.

In strict uRPF, if the interface the packet arrived on is not the same interface the route table indicates for the source address, the packet is dropped. This is the recommended setting to prevent DoS attacks; however, the risk is that asymmetrically routed packets will get dropped.

In loose uRPF, as long as the router has a route to the source, the packet is allowed through on any interface. Loose uRPF is not recommended, because if the router has a default route, no packets will be dropped.
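
The two checks can be modelled in a few lines. This is an added example, not code from the original post; the routing table, interface names and addresses are constructed, and the model counts a default route as a valid route to the source, as the post describes.

```python
import ipaddress

# Constructed routing table: (prefix, interface toward that prefix).
ROUTES = [("10.1.0.0/16", "Gi0/0"), ("10.2.0.0/16", "Gi0/1")]
DEFAULT_ROUTE = ("0.0.0.0/0", "Gi0/2")


def lookup(table, src):
    """Longest-prefix match on the source; returns an interface or None."""
    addr = ipaddress.ip_address(src)
    best = None
    for prefix, iface in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def urpf_permits(table, src, in_iface, mode):
    """True if the packet passes the uRPF check, False if it is dropped."""
    route_iface = lookup(table, src)
    if route_iface is None:
        return False                    # no route back to the source
    if mode == "strict":
        return route_iface == in_iface  # must arrive on the return-path interface
    if mode == "loose":
        return True                     # any ingress interface is accepted
    raise ValueError(f"unknown mode: {mode}")


def demo():
    """Run each constructed packet through both modes, with and without a default route."""
    with_default = ROUTES + [DEFAULT_ROUTE]
    cases = [
        ("10.1.5.5", "Gi0/0"),     # arrives on the interface the route points to
        ("10.1.5.5", "Gi0/1"),     # asymmetric path or spoofed source
        ("203.0.113.9", "Gi0/0"),  # source covered only by the default route
    ]
    return [(src, iface,
             urpf_permits(ROUTES, src, iface, "strict"),
             urpf_permits(ROUTES, src, iface, "loose"),
             urpf_permits(with_default, src, iface, "strict"),
             urpf_permits(with_default, src, iface, "loose"))
            for src, iface in cases]


if __name__ == "__main__":
    print("src, in_iface, strict, loose, strict+default, loose+default")
    for row in demo():
        print(row)
```

The last column is `True` for every packet once the default route is present, and the second row shows strict mode dropping a packet whose source is valid but arrives on a different interface.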


