Re: Spoofing IP Addresses when sending emails
steve wrote:
It really is NOT hard, even without spoofing.
I did something like this for one of my MSc projects. (working proof of
concept)
Written in Java, it bounced the emails off an open printer in "red neck"
country. What's really funny was, I went in via a public IP but bounced from
the printer's internal network address to the email server's internal
address.
Agreed. I first learned about it reading the docs for IPFILTER, the
firewall that comes with FreeBSD. I was just setting up a NAT/Firewall
server in my house as a fun project. Hobbyist stuff.
IPFILTER also runs on multiple platforms, btw. I found it much, much
more clear to configure than IPTABLES.
<http://www.freebsd.org/doc/en/books/handbook/firewalls-ipf.html>
<http://www.pir.net/pir/ipf/ipf-howto.pdf>
Get a decent firewall.
"endian" will do the trick and will block all this shit, plus it's open
source.
I think some attempt at general understanding of security issues would
be the best starting point. A firewall is part of a solution, not a
complete solution. In the OP's case, he had a misconfigured SMTP server
(imo). A firewall won't help with configuration of HTTP either.
Consider all the problems one could have with, say, SQL injection in a
Java EE App if data isn't validated properly. The list goes on and on.
It's a fascinating subject though. Always something new to learn.