About Spoofing Attacks

One method that attackers use to enter your network is to make an electronic false identity. This is an IP spoofing method that attackers use to send a TCP/IP packet with a different IP address than the computer that first sent it.

When anti-spoofing is enabled, the Firebox verifies the source IP address of a packet is from a network on the specified interface.

The default configuration of the Firebox is to drop spoofing attacks.

To protect against spoofing attacks, from Fireware Web UI:

  1. Select Firewall > Default Packet Handling.
    The Default Packet Handling page appears.

Screen shot of the Default Packet Handling page

  1. Select or clear the Drop Spoofing Attacks check box.
  2. Click Save.

To protect against spoofing attacks, from Policy Manager:

  1. Click .
    Or, select Setup > Default Threat Protection > Default Packet Handling.
    The Default Packet Handling dialog box appears.

Screen shot of the Default Packet Handling dialog box

  1. Select or clear the Drop Spoofing Attacks check box.
  2. Click OK.

See Also

About Default Packet Handling Options