How to avoid IP Spoofing by Vigor Router?

An IP spoofing is a hacker uses some tools to modify the source address in the packet header to make the receiving system or device think the packet is from a trusted source, such as another computer on a local network, and accept it. Vigor Router supports IP Spoofing Defense feature to prevent such spoofing events. The IP Spoofing Defense feature can be found found in Firewall >>Defense Setup >> Spoofing Defense page.

configure ip spoofing defense on vigor router

There are two options:

1. Block IP packet from WAN with inconsistent source IP addresses (Enabled by default)

While receiving packets from WAN, Vigor Router will check if the source IP address and the coming WAN interface is reasonable. If not, Vigor will drop the packet instead of forwarding it to the internal server.

For example, if Vigor’s LAN network IP address is 192.168.1.1 and it receives the packet from WAN with the source IP 192.168.1.100, Vigor will drop the packet and send the defense log like the follows: [IP Spoofing Defense]Block packet from WAN with source IP: 192.168.1.100

2. Block IP packet from LAN with inconsistent source IP addresses

When receiving packets from LAN and the option is enabled, Vigor Router will check if the source IP and the coming LAN interface is reasonable. If not, Vigor will drop the packet and display the log below:[IP Spoofing Defense]Block packet from LAN with source IP: 192.168.239.31

Published On: Apr 23, 2019 

Was this helpful?     


Related Articles