0

We have a server which accepts traffic coming from a few sources (ip addresses) and accept's it (using firewalld). All other traffic inbound is blocked.

How likely is the risk that somebody successfully get through the firewall by spoofing one of the allowed ip's?

Thanks! Vincent

user1470265
  • 11

1 Answers1

2

For TCP traffic this not very likely as it would be very hard to complete the three-way handshake. UDP traffic would be possible when spoofing the source IP address.

Tommiie
  • 5,547
  • 2
  • 11
  • 45