beagle wrote:Can an IDS use the autoshun feature against it's loopback address (127.0.0.1)?
If it does, a hacker could spoof their IP address and make it 127.0.0.1. Then the IDS blocks itself!
If it can, that's just messed up.
You cannot spoof IP addresses, except by spoofing the XFORWARD header in packets but that isn't really spoofing an IP and it is incredibly unlikely that an IDS would take the XFORWARD header as the IP because it is so easily spoofed.
You're confusing IP addresses with Mac addresses (which are incredibly easy to spoof).
Hope this helps.