Default Packet Handling
User Guide
179
tion. In conjunction with the false identity, the attacker may
route the packet so that it appears to originate from a host
that the targeted system trusts.
If the destination system performs session authentication
based on a connection’s IP address, the destination system
may allow the packet with the spoofed address through
your firewall. The destination system “sees” that the
packet apparently originated from a host that is trusted,
and therefore doesn’t require validation or a password.
When you enable spoofing defense, the Firebox prevents
packets with a false identity from passing through to your
network. When such a packet attempts to establish a con-
nection, the Firebox generates two log records. One log
record shows that the attacker’s packet was blocked; the
other shows that the attacker’s site has been added to the
Blocked Sites list, a compilation of all sites blocked by the
Firebox.
You can block spoofing attacks using the
Default
Packet Handling
dialog box. From Policy Man-
ager:
1
On the toolbar, click the Default Packet Handling icon,
shown at right.
You can also, from Policy Manager, select Setup
=>
Intrusion
Prevention
=>
Default Packet Handling.
The Default Packet Handling dialog box appears, as shown in the
following figure.
2
Select the checkbox marked
Block Spoofing Attacks
.
Summary of Contents for Firebox X10E
Page 1: ...WatchGuard Firebox System User Guide WatchGuard Firebox System ...
Page 12: ...xii WatchGuard Firebox System ...
Page 44: ...Chapter 2 Service and Support 22 WatchGuard Firebox System ...
Page 61: ...Cabling the Firebox User Guide 39 ...
Page 68: ...Chapter 3 Getting Started 46 WatchGuard Firebox System ...
Page 78: ...Chapter 4 Firebox Basics 56 WatchGuard Firebox System ...
Page 156: ...Chapter 8 Configuring Filtered Services 134 WatchGuard Firebox System ...
Page 182: ...Chapter 9 Configuring Proxied Services 160 WatchGuard Firebox System ...
Page 220: ...Chapter 11 Intrusion Detection and Prevention 198 WatchGuard Firebox System ...
Page 242: ...Chapter 12 Setting Up Logging and Notification 220 WatchGuard Firebox System ...
Page 256: ...Chapter 13 Reviewing and Working with Log Files 234 WatchGuard Firebox System ...
Page 274: ...Chapter 14 Generating Reports of Network Activity 252 WatchGuard Firebox System ...