Preventing Spoofing at the Edge
Not all security at the edge of an autonomous system focuses on protecting the BGP sessions running and the BGP speakers; there are a lot of other precautions that can be taken at the edge of the network to protect the network itself as well. One primary area of concern is preventing attackers who are spoofing IP addresses, using an IP address other than their own, to launch an attack against some other network. Figure 9.3 illustrates.
Figure 9.3. Using spoofing to launch an attack against a server.
The laptop, which is temporarily connected to 10.3.1.0 network, is requesting a traffic stream from 10.2.1.10, but ...
Get Practical BGP now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
