Presentation<br />On<br />IP Spoofing<br />
Spoofing<br />Is a situation in which One person or program  Successfully inserts false Or misleading information in e-mai...
overview<br /><ul><li>TCP/IP-in brief
IP spoofing</li></ul>            Basic overview<br />            IP spoofing-How it works<br />           Examples of spoo...
Conclusion          </li></li></ul><li>TCP/IP<br /><ul><li>General use of term describes the architecture upon which the I...
TCP and IP are specific protocols whithin that architecture.     </li></li></ul><li>TCP/IP <br />Appilication<br />Transpo...
IP<br /><ul><li>IP is the internet layer protocol.
Does not guarantee delivery or ordering only does its</li></ul> best to packets from a source address to a destination add...
IP assumes that each address is unique whithin the network.</li></li></ul><li>TCP<br /><ul><li>TCP is the transport layer ...
It guarantee delivery and ordering,but relies upon IP to move                     packets  proper destination.
Port number are used to express source and destination.
Destination port is assumed to be awaiting packets of data.</li></li></ul><li>IP Spoofing<br /><ul><li>Basically, IP spoof...
Normally, the source address is incorrect.
Lying about the source lets an attacker assume a new identity.
Because the source address is not the same as the attacker’s address,  any replies generated by
the destination will not be sent to the attacker.</li></li></ul><li>IP Spoofing<br /><ul><li>Blind and non blind spoofing.
Attacker must have an alternate way to spy on traffic/predict                                          response.
To maintain a connection,Attacker must adhere to protocol requirements.</li></li></ul><li>IP Spoofing-how it works!!<br />...
Attacker normally within a LAN/on the communication path between server and client.
Not blind,since the attacker can see traffic from both server and client.</li></li></ul><li>Example of spoofing attacks<br...
Upcoming SlideShare
Loading in …5
×

Presentation1

944 views

Published on

Published in: Education, Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
944
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
128
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Presentation1

  1. 1. Presentation<br />On<br />IP Spoofing<br />
  2. 2. Spoofing<br />Is a situation in which One person or program Successfully inserts false Or misleading information in e-mail or Netnews headers.Also known as header forgery.<br />
  3. 3. overview<br /><ul><li>TCP/IP-in brief
  4. 4. IP spoofing</li></ul> Basic overview<br /> IP spoofing-How it works<br /> Examples of spoofing attacks<br /> Mitnick attack<br /> Session Hijack<br /> Dos attack<br /><ul><li>Defending against the threat
  5. 5. Conclusion </li></li></ul><li>TCP/IP<br /><ul><li>General use of term describes the architecture upon which the Interweb is built.
  6. 6. TCP and IP are specific protocols whithin that architecture. </li></li></ul><li>TCP/IP <br />Appilication<br />Transport<br />TCP<br />IP<br />Interweb<br />NetworkAccess<br />Physical<br />
  7. 7. IP<br /><ul><li>IP is the internet layer protocol.
  8. 8. Does not guarantee delivery or ordering only does its</li></ul> best to packets from a source address to a destination address.<br /><ul><li>IP address are used to express the source and destination.
  9. 9. IP assumes that each address is unique whithin the network.</li></li></ul><li>TCP<br /><ul><li>TCP is the transport layer protocol.
  10. 10. It guarantee delivery and ordering,but relies upon IP to move packets proper destination.
  11. 11. Port number are used to express source and destination.
  12. 12. Destination port is assumed to be awaiting packets of data.</li></li></ul><li>IP Spoofing<br /><ul><li>Basically, IP spoofing is lying about an IP address.
  13. 13. Normally, the source address is incorrect.
  14. 14. Lying about the source lets an attacker assume a new identity.
  15. 15. Because the source address is not the same as the attacker’s address, any replies generated by
  16. 16. the destination will not be sent to the attacker.</li></li></ul><li>IP Spoofing<br /><ul><li>Blind and non blind spoofing.
  17. 17. Attacker must have an alternate way to spy on traffic/predict response.
  18. 18. To maintain a connection,Attacker must adhere to protocol requirements.</li></li></ul><li>IP Spoofing-how it works!!<br /><ul><li>IP spoofing used to take control of a session.
  19. 19. Attacker normally within a LAN/on the communication path between server and client.
  20. 20. Not blind,since the attacker can see traffic from both server and client.</li></li></ul><li>Example of spoofing attacks<br /><ul><li>Mitnick Attack
  21. 21. Session Hijack
  22. 22. Dos Attack</li></li></ul><li>Mitnick attack<br /><ul><li>Merry X-mas! Mitnick hacks a Diskless Workstation on December 25,1994
  23. 23. The victim-Tsutomu Shinomura
  24. 24. The attack-IP spoofing and abuse of trust ralationship between diskless terminal and login server.</li></li></ul><li>
  25. 25. Why Mitnick attack worked<br /><ul><li>Mitnick abused the trust ralationship between the server and workstation
  26. 26. He flooded the server to prevent communication between it and the workstation
  27. 27. Used math skillz to determine the TCP sequence number algorithm(i.e.add 128000)
  28. 28. This allowed Mitnick to open a connection without seeing the workstation outgoing </li></ul> sequence numbers and without the server interrupting his attack<br />
  29. 29.
  30. 30. Dos Attack<br /><ul><li>Denial of service(Dos) attack aimed preventing clients from accessing a service.
  31. 31. IP spoofing can be used to create Dos attacks.</li></li></ul><li>
  32. 32. Dos Attack<br /><ul><li>The attacker a large of requests from various IP addresses to fill services queue.
  33. 33. With the services queue filled,legitimate user’s cannot use the service.
  34. 34. Dos becomes more dangerous if spread to multiple computers.</li></li></ul><li>IP Spoofing-Defending<br /><ul><li>IP spoofing can be defended against in a number of ways:
  35. 35. AS mentioned other in the architecture model may reveal spoofing.
  36. 36. TCP sequence numbers are often used in this manner
  37. 37. Makes if difficult to proper sequence number if the attacker is blind
  38. 38. Filtering
  39. 39. “Smart” routers can detect IP address that are outside its domain i.e. Egress filtering
  40. 40. “smart “ server block IP range that appear to be conducting a Dos i.e. Ingress filtering</li></li></ul><li>IP Spoofing-Defending<br /><ul><li>Encryption And Authentication
  41. 41. Authentication is a mechanism where by the receiver of a transaction or message can be </li></ul> confident of the identity of sender and the integrity of message.<br /><ul><li>Use of encryption schemes.
  42. 42. Verification of identity of incoming packets.</li>

×