> On Jul 29, 2016, at 12:07 PM, Ralph Seichter <postfix...@seichter.de> wrote:
>
> On 29.07.16 15:50, Bill Cole wrote:
>
>>>> is there any chance that a whitelisted IP address [...] could
>>>> have been spoofed?
>>>
>>> Yes. Search for "IP address spoofing" in the search engine of your
>>> choice and you will find what you are looking for.
>>
>> By that standard, we are ruled by a disguised race of alien
>> lizard-people. (Really, Google it...)
>
> Roger's question was clear. "Is there any chance that a whitelisted IP
> address [...] could have been spoofed?". The answer is yes.
And yet in practice Bill is right. IP spoofing by spammers and virus
authors is not a realistic attack vector. Attackers who can manipulate
BGP routes and mount MiTM attacks on TCP are likely nation-state actors.
IP spoofing is the least of your worries when defending against
sophisticated targeted attacks by nation states.
--
Viktor.
