Your SlideShare is downloading. ×
Presentation1
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Presentation1

743
views

Published on

Published in: Education, Technology

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
743
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
118
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Presentation
    On
    IP Spoofing
  • 2. Spoofing
    Is a situation in which One person or program Successfully inserts false Or misleading information in e-mail or Netnews headers.Also known as header forgery.
  • 3. overview
    • TCP/IP-in brief
    • 4. IP spoofing
    Basic overview
    IP spoofing-How it works
    Examples of spoofing attacks
    Mitnick attack
    Session Hijack
    Dos attack
    • Defending against the threat
    • 5. Conclusion
  • TCP/IP
    • General use of term describes the architecture upon which the Interweb is built.
    • 6. TCP and IP are specific protocols whithin that architecture.
  • TCP/IP
    Appilication
    Transport
    TCP
    IP
    Interweb
    NetworkAccess
    Physical
  • 7. IP
    • IP is the internet layer protocol.
    • 8. Does not guarantee delivery or ordering only does its
    best to packets from a source address to a destination address.
    • IP address are used to express the source and destination.
    • 9. IP assumes that each address is unique whithin the network.
  • TCP
    • TCP is the transport layer protocol.
    • 10. It guarantee delivery and ordering,but relies upon IP to move packets proper destination.
    • 11. Port number are used to express source and destination.
    • 12. Destination port is assumed to be awaiting packets of data.
  • IP Spoofing
    • Basically, IP spoofing is lying about an IP address.
    • 13. Normally, the source address is incorrect.
    • 14. Lying about the source lets an attacker assume a new identity.
    • 15. Because the source address is not the same as the attacker’s address, any replies generated by
    • 16. the destination will not be sent to the attacker.
  • IP Spoofing
    • Blind and non blind spoofing.
    • 17. Attacker must have an alternate way to spy on traffic/predict response.
    • 18. To maintain a connection,Attacker must adhere to protocol requirements.
  • IP Spoofing-how it works!!
    • IP spoofing used to take control of a session.
    • 19. Attacker normally within a LAN/on the communication path between server and client.
    • 20. Not blind,since the attacker can see traffic from both server and client.
  • Example of spoofing attacks
  • Mitnick attack
    • Merry X-mas! Mitnick hacks a Diskless Workstation on December 25,1994
    • 23. The victim-Tsutomu Shinomura
    • 24. The attack-IP spoofing and abuse of trust ralationship between diskless terminal and login server.
  • 25. Why Mitnick attack worked
    • Mitnick abused the trust ralationship between the server and workstation
    • 26. He flooded the server to prevent communication between it and the workstation
    • 27. Used math skillz to determine the TCP sequence number algorithm(i.e.add 128000)
    • 28. This allowed Mitnick to open a connection without seeing the workstation outgoing
    sequence numbers and without the server interrupting his attack
  • 29.
  • 30. Dos Attack
    • Denial of service(Dos) attack aimed preventing clients from accessing a service.
    • 31. IP spoofing can be used to create Dos attacks.
  • 32. Dos Attack
    • The attacker a large of requests from various IP addresses to fill services queue.
    • 33. With the services queue filled,legitimate user’s cannot use the service.
    • 34. Dos becomes more dangerous if spread to multiple computers.
  • IP Spoofing-Defending
    • IP spoofing can be defended against in a number of ways:
    • 35. AS mentioned other in the architecture model may reveal spoofing.
    • 36. TCP sequence numbers are often used in this manner
    • 37. Makes if difficult to proper sequence number if the attacker is blind
    • 38. Filtering
    • 39. “Smart” routers can detect IP address that are outside its domain i.e. Egress filtering
    • 40. “smart “ server block IP range that appear to be conducting a Dos i.e. Ingress filtering
  • IP Spoofing-Defending
    • Encryption And Authentication
    • 41. Authentication is a mechanism where by the receiver of a transaction or message can be
    confident of the identity of sender and the integrity of message.
    • Use of encryption schemes.
    • 42. Verification of identity of incoming packets.

×