One method of attempting to gain access to a restricted area of the network is to insert a bogus source address in the packet header to make the packet appear to come from a trusted source. This technique is called IP spoofing.
|
Before You Begin |
|---|
|
For background information, read Understanding Attacker Evasion Techniques. |
To block IP spoofing, use the JUNOS CLI configuration editor.
- user@host# set security screen ip-spoofing ip spoofing
- user@host# set security zones security-zone zone screen
ip-spoofing