Question

Does the cloud firewall prevent IP address spoofing?

Posted May 29, 2018 1k views
DigitalOcean Cloud Firewalls

As the cloud firewall filters based on source IP addresses: Would it be possible for an attacker to create packets that have a spoofed source IP address and thus break through the firewall?
I mean, assuming the attacker knew any whitelisted source IP addresses…
I’m asking for both, the external network interface as well as the private network interface.
Thank you!

Add a comment
pgaubatz
By:
pgaubatz
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

1 answer
moisey December 4, 2019

In the case of your firewall you are worried about someone establishing a connection and sending and receiving data, if someone was able to spoof an IP address, the return information would be sent to that IP address and so the “sender” would never receive it.

Also, services that are TCP oriented would probably reject that packet along the way, so it is unlikely to even reach the destination in the first place.

IP address spoofing is mostly used to create denial of service attacks on UDP based systems.

So the short answer is that you don’t have to worry about IP address spoofing. Plus in addition to the IP Address the assumption is that the user is still accessing a remote service that has some sort of authentication.

So you don’t have to worry about it.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help