DNS and UDP gets spoofed all THE time (look at ddos amplifying attacks), THE source IP can allways be spoofed however as long as THE traffic is encrypted with SSL or simular it allways Will be able to mitm THE requests just not get THE data cuz its encrypted, however lets say that your not useing dnscrypt then u should be worried about mitm attacks on DNS
"C. L. Martinez" <[email protected]> skrev: (25 januari 2017 10:08:54 CET) >Hi all, > >I have received a (maybe) "stupid" request from one of our customers. >We have a pair of public OpenBSD firewalls (CARPed) that our >development team use to access to several customers via VPN IPsec >tunnels. But this morning we have received a request from one of these >cutomers to access to our development servers using only one acl to >permit their public IP address (without using VPN IPsec, or VPN SSL >tunnels). > >And my (OT) question: how easy is to do a MITM attack (DNS spoofing for >example, or another type of attack that permits to fake source public >ip address) in this scenario? > >Many thanks. > >-- >Greetings, >C. L. Martinez -- Sincerly flipchan - LayerProx dev
