Can IP / MAC spoofing be blocked?
Gert.Vandelaer@medisearch-int.com
Wed, 18 Jul 2001 14:55:05 +0200
Hello all,
I'm in the process of setting up a VPN between two LANs.
One side is a Win2k with PPTP, the other side a Linux firewall --> forwarded to NT
RAS Server ...
The linux firewall filters on MAC address to make sure that only one NIC
can initiate a VPN ...
The setup of this system works fine,
but I'm just a bit worried about MAC / IP spoofing.
I read about MAC spoofing a lot, and it seems to me that this is actually a
security hazard that has to be taken into account (correct me if I'm
wrong).
Is there a way to check for spoofed MAC addresses via Netfilter (iptables)?
Or is there some other way this can be accomplished, taking into account
that when someone spoofs a MAC address, it's probably because he tried IP
spoofing first, but saw that this failed ...
And when he then spoofs the IP as well as the MAC address, what else can we
filter on?
Any comment welcome (cc to gert.Vandelaer@medisearch-int.com please)
Cya,
Gert