Computer Forums
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Computer Forums (http://www.geekboards.com/forums/index.php)
-   Building Websites (http://www.geekboards.com/forums/forumdisplay.php?f=3)
-   -   Host.conf Hardening - Prevent IP spoofing (http://www.geekboards.com/forums/showthread.php?t=594)

Soulwatcher 02-21-2006 03:18 AM
Host.conf Hardening - Prevent IP spoofing
 
The first thing you are going to want to do is SSH into your server. Then type the following command.

#pico -w /etc/host.conf

Scroll down until you see (order hosts,bind) Just below it type (nospoof on) and then save. It should look like this when your done

order hosts,bind
nospoof on

Thats it, your all done. Make sure to restart your network so the new rules will take effect.

James72 02-23-2006 06:20 PM
Thanks for the tutorial!

What exactly will this do, and is it foolproof?
________
buy easy vape vaporizer

Coop 04-13-2006 02:54 PM
spoofing is a little complicated to explain, and doesn't really affect you if you only have a single IP address. Basically, if you had a network of several differant machines, you may adjust your firewall rules so that your internal machines have more access to each other than external machines. You may, for example, decide that all ports are open between internal machines, but only ports 80, 443 and 25 for external machines. This is a common setup.

If your network is not properly protected, it is possible for someone to setup a machine externally that uses a spare IP from your local network (only works with real IP's, as most internet routers will not route the private blocks such as 192.168.* etc.). So they have a machine that has potentially greater access to your network.

They then setup a static route on their machine saying that to talk to your network, the machine should route all packets via your router. If done correctly, and your router is not properly protected, then tey will have the same access to your network as any other local machine.

There are several ways around this problem, but the most common is to make your router drop any packets coming from the internet interface that have IP addresses on your local network. Protection can also be put in place at the ehternet level by locking IP's to MAC addresses to make things even more difficult, but your typical home roputer / switch does not include that facility.

LucnetSolutions 04-21-2006 11:30 AM
This a nice tip for added security. I seen this before and have it on all our servers. Glad see this here.

rmwebs 05-03-2006 02:54 AM
Nice Tutorial! Thank you :)

timeassasin 02-29-2008 04:14 PM
thanks for sharing!

Lamer980 07-23-2008 03:39 AM
Thanks, Soulwatcher, its always good to get feedback.:)

AndraJoseph 09-01-2008 01:34 AM
Thanks for the information soulwatcher. I will definitely try this one out at the beginning of the code.

pengerik 03-29-2010 03:40 PM
I'm going to order a webserver with several IP's in the coming weeks, so this was really helpfull information ! Thanx for sharing :)

aladamapee 05-22-2010 11:40 PM
Quote:
Originally Posted by Soulwatcher (Post 3875)
The first thing you are going to want to do is SSH into your server. Then type the following command.

#pico -w /etc/host.conf

Scroll down until you see (order hosts,bind) Just below it type (nospoof on) and then save. It should look like this when your done

order hosts,bind
nospoof on

Thats it, your all done. Make sure to restart your network so the new rules will take effect.
Great information for us, This information is still required for many of us. Thanks


All times are GMT -5. The time now is 08:54 AM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
HTML Help provided by HTML Help Central.