Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




81 posts

Master Geek

Trusted

Topic # 140569 13-Feb-2014 08:46
Send private message

I understand a standard procedure to secure an internet facing router is to block incoming traffic from RFC1918 private address ranges.

My question is: if a hacker is using a source address with a private address, how is this a threat ? I am thinking that the packets cannot be returned to him anyway, due to private addresses not being routable on the net, so he is not getting any return traffic.
So apart from using private source addresses for a one directional DoS attack, how else could this actually cause harm ?

Thanks for any help.

Create new topic
563 posts

Ultimate Geek
+1 received by user: 89


  Reply # 986597 13-Feb-2014 09:28
3 people support this post
Send private message

I've never encountered this but would assume;

Like you mention if I could spoof an internal IP [i.e. 10.1.1.2] to your router then any replies are going to be routed to back to that address on your network which could result in a DDOS vulnerability against what could be your PC, firewall, domain controller etc.

Possibly could also be a way to pass malicious commands to your network devices (NTP update, DHCP release, remote shutdown etc) ? (Duno, just a guess)





3111 posts

Uber Geek
+1 received by user: 533

Trusted

  Reply # 986826 13-Feb-2014 16:24
One person supports this post
Send private message

+1 to that.

They send you a packet such as a ping from a private ip address. Your computer then sends the reponse to that address - which would probably be on the local network.
Okay so it gets dropped and goes nowhere.

They then use a botnet to send you millions of such pings and can cause you all sorts of problems.





Ray Taylor
Taylor Broadband (rural hawkes bay)
www.ruralkiwi.com

There is no place like localhost
For my general guide to extending your wireless network Click Here




Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Less news in Facebook News Feed revamp
Posted 15-Jan-2018 13:15


Australian Government contract awarded to Datacom Connect
Posted 11-Jan-2018 08:37


Why New Zealand needs a chief technology officer
Posted 6-Jan-2018 13:59


Amazon release Silk Browser and Firefox for Fire TV
Posted 21-Dec-2017 13:42


New Chief Technology Officer role created
Posted 19-Dec-2017 22:18


All I want for Christmas is a new EV
Posted 19-Dec-2017 19:54


How clever is this: AI will create 2.3 million jobs by 2020
Posted 19-Dec-2017 19:52


NOW to deploy SD-WAN to regional councils
Posted 19-Dec-2017 19:46


Mobile market competition issues ComCom should watch
Posted 18-Dec-2017 10:52


New Zealand government to create digital advisory group
Posted 16-Dec-2017 08:47


Australia datum changes means whole country moving 1.8 metres north-east
Posted 16-Dec-2017 08:39


UAV Traffic Management Trial launching today in New Zealand
Posted 12-Dec-2017 16:06


UFB connections pass 460,000
Posted 11-Dec-2017 11:26


The Warehouse Group to adopt IBM Cloud to support digital transformation
Posted 11-Dec-2017 11:22


Dimension Data peeks into digital business 2018
Posted 11-Dec-2017 10:55



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.