Question
Does the cloud firewall prevent IP address spoofing?
- Posted May 29, 2018
- DigitalOcean Cloud Firewalls
As the cloud firewall filters based on source IP addresses: Would it be possible for an attacker to create packets that have a spoofed source IP address and thus break through the firewall? I mean, assuming the attacker knew any whitelisted source IP addresses… I’m asking for both, the external network interface as well as the private network interface. Thank you!
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Try DigitalOcean for free
Click below to sign up and get $100 of credit to try our products over 60 days!
In the case of your firewall you are worried about someone establishing a connection and sending and receiving data, if someone was able to spoof an IP address, the return information would be sent to that IP address and so the “sender” would never receive it.
Also, services that are TCP oriented would probably reject that packet along the way, so it is unlikely to even reach the destination in the first place.
IP address spoofing is mostly used to create denial of service attacks on UDP based systems.
So the short answer is that you don’t have to worry about IP address spoofing. Plus in addition to the IP Address the assumption is that the user is still accessing a remote service that has some sort of authentication.
So you don’t have to worry about it.