08-06-2012, 12:01 PM
INTRODUCTION OF IP SPOOFING
IP SPOOFING.ppt (Size: 494 KB / Downloads: 1)
Types of spoofing
IP spoofing: Attacker uses IP address of another computer to acquire information or gain access.
Email spoofing: Attacker sends email but makes it appear to come from someone else
Web spoofing: Attacker tricks web browser into communicating with a different web server than the user intended.
IP Spoofing
IP spoofing is the creation of tcp/ip packets with somebody else’s IP address in the header.
Routers use the destination IP address to forward packets, but ignore the source IP address.
The source IP address is used only by the destination machine, when it responds back to the source.
When an attacker spoofs someone’s IP address, the
victim’s reply goes back to that address.
Blind IP Spoofing
Usually the attacker does not have access to the reply, abuse trust relationship between hosts.
For example: Host C sends an IP datagram with the address of some other host (Host A) as the source address to Host B. Attacked host (B) replies to the legitimate host (A).
Man in the middle attack
If an attacker controls a gateway that is in the delivery route, he can
Sniff the traffic
Intercept the traffic
Modify traffic
This is not easy in the internet because of hop by hop routing, unless source routing is used.
CONCLUSION
IP spoofing is less of a threat today due to the use of random sequence numbering.
Many security experts are predicting a shift from IP spoofing attacks to application-related spoofing.
Sendmail is one example, that when not properly configured allows anyone to send mail as president[at]whitehouse.gov.