NetScreen having IP spoofing vulnerability with 127.x.x.x?

Hi news group

We did an audit on a NetScreen which is port forwarding port 80 to an internal webserver, and the audit said that we have an IP spoofing problem here. I checked the interfaces of the NetScreen but all are set to "IP spoofing protection".

The audit report mentions that the IP 127.0.0.1 got through, so it looks like 127.x.x.x gets through as a valid source IP address. This seems a bit strange to me; does NetScreen not drop such source IPs by default?

Anyone having experience with such a "feature"?

TIA, Oliver

Oliver Habegger

I assume you are referring to a Netscreen SSL VPN box. Netscreen's SAM (Secure Access Manager) utilizes loopback IPs to do its reverse proxying. 127.0.0.1 is a valid source IP and likely gets mapped on the Netscreen. Not a problem.

alan

Alan Strassberg