Network Security: Detailed info on RE: Localhost packets on WAN

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

RE: Localhost packets on WAN

from [David Gillett] Network Security

[Permanent Link]

Subject:	RE: Localhost packets on WAN
Date:	Thu, 30 Sep 2004 09:03:04 -0700

These packets should not be arriving at your perimeter at 
all.


  Anything sourced from a loopback address should be BLOCKED
at your perimeter.  But if it has your destination address, it
will arrive AT your perimeter unless somebody upstream bothers
to look at the source address for you.  Most ISPs don't, unless
you've requested their help fending off a DoS attack.

They are not blowback from misguided Blaster or Nachi 
countermeasures as someone will undoubtedly suggest.


  Please offer some *plausible* alternate explanation.  The
Blaster blowback precisely explains every detail of traffic
like this that I have seen directly or heard reported by
others.  Do you possess some additional evidence that 
contradicts it?  Do you have a simpler explanation that
adequately explains the evidence?

David Gillett

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Localhost packets on WAN, Kirby Angell RE: Localhost packets on WAN, James C Slora Jr RE: Localhost packets on WAN, David Gillett <= RE: Localhost packets on WAN, James C Slora Jr RE: Localhost packets on WAN, David Gillett RE: Localhost packets on WAN, spainsecurity-s.navarro Re: Localhost packets on WAN, Frank Knobbe Re: Localhost packets on WAN, Kirby Angell RE: Localhost packets on WAN, NESTING, DAVID M (SBCSI) RE: Localhost packets on WAN, Frank Knobbe Re: Localhost packets on WAN, Kirby Angell

Previous by Date:	Re: Localhost packets on WAN, Frank Knobbe
Next by Date:	RE: Localhost packets on WAN, James C Slora Jr
Previous by Thread:	RE: Localhost packets on WAN, James C Slora Jr
Next by Thread:	RE: Localhost packets on WAN, James C Slora Jr
Indexes:	[Date] [Thread] [Top] [All Lists]