IP spoofing is a method of attacking a network by disguising the source IP address of packets sent to a target. The attacker determines the IP address of a trusted machine and spoofs packets to appear to come from that machine. This allows the attacker to potentially gain unauthorized access to the target system. Successful IP spoofing exploits flaws in the TCP/IP protocol that allow modification of source IP addresses but rely on the destination address for routing responses. Defenses include packet filtering, filtering at routers, encryption, and cryptographic methods.
Passive IP Traceback: Disclosing the Locations of IP Spoofers from Path Backs...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system. On January 22, 1995, in an article entitled, ―New form of attack on computers linked to Internet is uncovered, John Markoff of the New York Times reported on the TCP/IP protocol suite's security weakness known as IP spoofing. The IP spoofing security weakness was published by S. M. Bellovin (1989). However, not much attention has been paid to the security weaknesses of the TCP/IP protocol by the general public. This is changing as more people and companies are connecting to the Internet to conduct business. This paper is on ― “Proposed methods of IP Spoofing Detection & Prevention”. This paper contains an overview of IP address and IP Spoofing and its background. It also shortly discusses various types of IP Spoofing, how they attack on communication system. This paper also describes some methods to detection and prevention methods of IP spoofing and also describes impacts on communication system by IP Spoofing. We think that our proposed methods will be very helpful to detect and stop IP spoofing and give a secured communication system.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Passive IP Traceback: Disclosing the Locations of IP Spoofers from Path Backs...1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system. On January 22, 1995, in an article entitled, ―New form of attack on computers linked to Internet is uncovered, John Markoff of the New York Times reported on the TCP/IP protocol suite's security weakness known as IP spoofing. The IP spoofing security weakness was published by S. M. Bellovin (1989). However, not much attention has been paid to the security weaknesses of the TCP/IP protocol by the general public. This is changing as more people and companies are connecting to the Internet to conduct business. This paper is on ― “Proposed methods of IP Spoofing Detection & Prevention”. This paper contains an overview of IP address and IP Spoofing and its background. It also shortly discusses various types of IP Spoofing, how they attack on communication system. This paper also describes some methods to detection and prevention methods of IP spoofing and also describes impacts on communication system by IP Spoofing. We think that our proposed methods will be very helpful to detect and stop IP spoofing and give a secured communication system.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
This is a presentation explaining about ip spoofing .IP spoofing one of the cyber attack it stolen the other data . This give awareness tof the ip spoofing.
AN EFFICIENT IP TRACEBACK THROUGH PACKET MARKING ALGORITHMIJNSA Journal
Denial-of-service (DoS) attacks pose an increasing threat to today’s Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.
Ijricit 01-001 pipt - path backscatter mechanism for unveiling real location ...Ijripublishers Ijri
There is a necessity to think over IP traceback technique that help us to track or predict IP address details of malicious
attackers and reveal their actual locations. In spite of lot of research over IP traceback solutions, still there is a necessity
to find an optimal solution that could be implemented at the level of Internet. Real identity of spoofers couldn’t be
revealed by conventional techniques used until today. Through this paper we emphasize primarily on traceback of passive
IP (PIPT) that avoid the procedural risks involved in implementing IP traceback solutions. Path Backscatter (Internet
Control Message Protocol (ICMP) error messages) is probed by PIPT. Spoofing traffic fires these Backscatter, in order to
find the details of spoofer’s topological physical identity and bypasses procedural risks.
Impacts of normal mode and complication mode over Router topological structure are visualized. Nodal info tracker
over parameter i.e Bandwidth, digital sign, source IP, Dest IP and attack status on three network parameters. Spoofing
has been performed on IP addresses, packet data and bandwidth .These three parameter i.e IP addresses, packet data,
bandwidth status and topological nature are been demonstrated through technical stimulation. From the study made
we are able to assure optimized technique of traceback system through PIPT, in order to face the challenges of deployment
at internet level.
it is a precise and well designed presentation regarding the topic "IP SPOOFING".It can be useful for any computer science student seeking a good topic for papre presentation.
This is a presentation explaining about ip spoofing .IP spoofing one of the cyber attack it stolen the other data . This give awareness tof the ip spoofing.
AN EFFICIENT IP TRACEBACK THROUGH PACKET MARKING ALGORITHMIJNSA Journal
Denial-of-service (DoS) attacks pose an increasing threat to today’s Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.
Ijricit 01-001 pipt - path backscatter mechanism for unveiling real location ...Ijripublishers Ijri
There is a necessity to think over IP traceback technique that help us to track or predict IP address details of malicious
attackers and reveal their actual locations. In spite of lot of research over IP traceback solutions, still there is a necessity
to find an optimal solution that could be implemented at the level of Internet. Real identity of spoofers couldn’t be
revealed by conventional techniques used until today. Through this paper we emphasize primarily on traceback of passive
IP (PIPT) that avoid the procedural risks involved in implementing IP traceback solutions. Path Backscatter (Internet
Control Message Protocol (ICMP) error messages) is probed by PIPT. Spoofing traffic fires these Backscatter, in order to
find the details of spoofer’s topological physical identity and bypasses procedural risks.
Impacts of normal mode and complication mode over Router topological structure are visualized. Nodal info tracker
over parameter i.e Bandwidth, digital sign, source IP, Dest IP and attack status on three network parameters. Spoofing
has been performed on IP addresses, packet data and bandwidth .These three parameter i.e IP addresses, packet data,
bandwidth status and topological nature are been demonstrated through technical stimulation. From the study made
we are able to assure optimized technique of traceback system through PIPT, in order to face the challenges of deployment
at internet level.
it is a precise and well designed presentation regarding the topic "IP SPOOFING".It can be useful for any computer science student seeking a good topic for papre presentation.
Abstract: Forged source IP addresses are used by the attackers to hide the locations. For finding the locations of the attackers IP Traceback Mechanism have been used. IP Traceback approaches can be classified in to Packet Marking, ICMP Traceback, Logging on the Router, Link Testing, Overlay and Hybrid Tracing, Based on the captured backscatter messages spoofing activities are still frequently observed. The IP Traceback system on the internet contain with two critical challenges. The first one is the cost to adopt a traceback mechanism in the routing system. It introduces considerable overhead to the routers generation, packet logging, especially in the high performance networks. The second one is the difficulty to make Internet Service Providers(ISP) collobrate. Attackers spread over every corner of the world, single ISPs to deploy its own traceback system is meaningless. ISPs are generally lack of explicit incentive to help clients of the others to trace attackers in their managed system. There are lot of IP traceback mechanisms and large number of spoofing activities observed , but the real locations of spoofers still remain mystery. Due to the some of the drawbacks it has not been widely used to trace the IP traceback solution. Finally, it was not used to find the locations of the attackers. To overcome the drawback of IP traceback mechanism we propose a Passive IP Traceback Mechanism(PIT). The router may generate an ICMP error message and send the message to the spoofed source addresses. The routers can be close to the attackers, the path backscatter messages may disclose the locations of the attackers. PIT can work in a number of spoofing activities. This technique uses the ICMP features and find the attackers by applying PIT on the ICMP dataset, a number of locations of attackers are captured and presented. As a result, these technique reveal IP spoofing, but it was not well understood. In future, it may be the most suitable mechanism for tracing the attackers on the Internet Level Traceback System.
Keywords: IP Traceback, packet logging, path backscatter, hybrid tracing, link testing.
Title: REVEALING THE LOCATIONS OF IP SPOOFERS FROM ICMP
Author: J Saranya, Dr. A J Deepa
ISSN 2350-1022
International Journal of Recent Research in Mathematics Computer Science and Information Technology
Paper Publications
It is for the new users those don't have much knowledge regarding IT Security. Here i focus on Windows In built firewall, Comodo, Zone Alarm and Out Post pro configuration basics.
Avoiding Man in the Middle Attack Based on ARP Spoofing in the LANEditor IJCATR
As technology is running on its wheels, networking has turned into one of our basic aspects. In this world along with
networking inimical vulnerabilities are also advancing in a drastic manner, resulting in perilous security threats. This calls for the great
need of network security. ARP spoofing is one of the most common MITM attacks in the LAN. This attack can show critical
implications for internet users especially in stealing sensitive information’s such as passwords. Beyond this it can facilitate other
attacks like denial of service(DOS), session hijacking etc..,. In this paper we are proposing a new method by encrypting MAC address
to shield from ARP cache poisoning
Session hijacking occurs when a session token is sent to a client browser from the Web server following the successful authentication of a client logon. A session hijacking attack works when it compromises the token by either confiscating or guessing what an authentic token session will be, thus acquiring unauthorized access to the Web server. This can result in session sniffing, man-in-the-middle or man-in-the-browser attacks, Trojans, or even implementation of malicious JavaScript codes.
Web developers are especially wary of session hijacking because the HTTP cookies that are used to sustain a website session can be bootlegged by an attacker.
A computer network plays a major part in the development of any industry. Nowadays, in this fast paced
networking world each and every industry depends on internet for their progress. As said above this is the fast
paced world, the attack to disable the progress are also fast paced. DDoS (Distributed Denial of Service) is one
among them. Though it is one of the many attacks, they temporarily disable a service provided by the company.
This paper proposes a series of steps which not only checks the possible attack but also tries its best to thwart
them. Instead of going for conventional approach of blocking the excess traffic, the proposed approach will
prolong the access to the service. In the mean time checking for the possible attack is done. Thus, not only it
thwarts the attacks but also gives them reliable user their access with a little bit of delay, resulting in high
reliability.
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...ClaraZara1
The IP(Internet Protocol) spoofing is a technique that consists in replacing the IP address of the sender by another sender’s address. This technique allows the attacker to send a message without being intercepted by the firewall. The most used method to deal with such attacks is the technique called "Network Ingress Filtering". This technique has been used, initially, forIPv4 networks, but its principles, are currently extended toIPv6 networks.Unfortunately, it has some limitations, the main is its accuracy. To improve safety conditions, we applied the "First-Come First-Serve (FCFS)" technique, applied for IPV6 networks, and developed by the "Internet Engineering Task Force (IETF)" within its working group "Source Address Validation Improvements (SAVI)", which is currently being standardization. In this paper, we remember the course of an attack by IP Spoofing and expose the threats it entails.Then, we explain the "Network Ingress Filtering" technique. Next, We present the FCFS SAVI method and methodology that we have adopted for its implementation.Finally, we, followingthe results, discuss and compare the advantages, disadvantages andlimitations of the FCFSSAVI methodto thoseknown in the "Network Ingress Filtering" technique. FCFS SAVI method is more effective than the technique of "Network Ingress Filtering", but requires some improvements, for dealing with limitations it presents.
Similar to INTERNATIONAL INDEXED REFEREED RESEARCH PAPER (20)
Investigations were carried out to see the effect of pesticide 'companion' on the proximal composition and enzyme namely amylase, GOT and GPT of whole green gram in the early stages of germination. The findings revealed that the pesticides increase the enzyme activity in the early stages of germination and thus increase the metabolic rate. The Vitamin-C content was also enhanced with the use of pesticide, but there was a decrease in the proximal composition of the gram when treated with pesticide.
Afghanistan as a landlocked country occupies crucial geo-strategic
location connecting East & west Asia. This work is also the sincere effort to highlight the
factors which can bring sustainable development and peace in Afghanistan & also those
negative factors which are encouraging extremism of Taliban, terrorism and undue interference
by some countries. Generally it has been seen that the regional powers are also vary in action.
I also highlight the role of regional and trans- regional actors which are creating obstacles
in the construction of peaceful Afghanistan. I have also try to highlights the suggestions and
recommendation for the establishment of sustainable development & peace in afghanistan
through the collective support of major powers.
Key words : Afghanistan, Taliban, Great Game, Durand line,Russia ,Caspian sea,WTC
The research paper focuses on the Indian immigrant's experiences of immigration, nostalgia, language,
tradition, and acculturation in the host land with reference to Uma Parameswaran's literary fiction, "What Was
Always Hers". As a diasporic writer, she has seen and experienced immigrant life in the host country, Canada
and in her diasporic works; she has highlighted Indian immigrants' cultural displacement in the adopted country,
Canada. In the present book, she has explored the immigrant life of Indians especially immigrated women in their
adopted country. Her characters are always live in confusion to accept the culture of the native country or host
country and express their socio-cultural ties towards their homeland.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
This slide is special for master students (MIBS & MIFB) in UUM. Also useful for readers who are interested in the topic of contemporary Islamic banking.
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionTechSoup
Let’s explore the intersection of technology and equity in the final session of our DEI series. Discover how AI tools, like ChatGPT, can be used to support and enhance your nonprofit's DEI initiatives. Participants will gain insights into practical AI applications and get tips for leveraging technology to advance their DEI goals.
Safalta Digital marketing institute in Noida, provide complete applications that encompass a huge range of virtual advertising and marketing additives, which includes search engine optimization, virtual communication advertising, pay-per-click on marketing, content material advertising, internet analytics, and greater. These university courses are designed for students who possess a comprehensive understanding of virtual marketing strategies and attributes.Safalta Digital Marketing Institute in Noida is a first choice for young individuals or students who are looking to start their careers in the field of digital advertising. The institute gives specialized courses designed and certification.
for beginners, providing thorough training in areas such as SEO, digital communication marketing, and PPC training in Noida. After finishing the program, students receive the certifications recognised by top different universitie, setting a strong foundation for a successful career in digital marketing.
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.
South African Journal of Science: Writing with integrity workshop (2024)
INTERNATIONAL INDEXED REFEREED RESEARCH PAPER
1. 44 SHODH, SAMIKSHA AUR MULYANKAN
International Indexed & Refereed Research Journal, ISSN 0974-2832,(Print) E- ISSN-2320-5474, December,2013, VOL-V * ISSUE- 59
Introduction
Criminals have long employed the tactic of
masking their true identity, fromdisguises to aliases to
caller-id blocking. It should come as no surprise then,
thatcriminalswhoconducttheirnefariousactivitieson
networks and computers should employ such tech-
niques. IP spoofing is one of the most common forms
ofon-linecamouflage.InIPspoofing,anattackergains
unauthorized access to a computer or a network by
making it appear that a malicious message has come
from a trusted machine by "spoofing" the IP address
ofthat machine. In the subsequent pages ofthisreport,
we will examine the concepts of IP spoofing: why it is
possible, how it works, what it is used for and how to
defend against it.
TCP/IPProtocolSuite
IP SpoofingexploitstheflawsinTCP/IP pro-
tocol suite. In order to completely understand how
these attacks can take place, one must examine the
structure of the TCP/IP protocol suite. Abasic under-
standing of these headers and network exchanges is
crucial to the process.
3.1InternetProtocol-IP
The Internet Protocol (or IP as it generally
known),isthenetworklayeroftheInternet.IPprovides
a connection-less service. The job of IP is to route and
send a packet to the packet's destination. IP provides
no guarantee whatsoever, for the packets it tries to
deliver. The IP packets are usually termed datagrams.
The datagrams go through a series of routers before
they reach the destination. At each node that the
datagram passes through, the node determines the
next hop for the datagram and routes it to the next hop.
Since the network is dynamic, it is possible that two
Research Paper
December , 2013
IPSpoofing
* Yash Batra
IP spoofing is a method of attacking a network in order to gain unauthorized access. The attack is based on the fact that
Internet communication between distant computers is routinely handled by routers which find the best route by examining
the destination address, but generally ignore the origination address. The origination address is only used by the destination
machine when it responds back to the source. In a spoofing attack, the intruder sends messages to a computer indicating
that the message has come from a trusted system. To be successful, the intruder must first determine the IP address of a trusted
system, and then modify the packet headers to that it appears that the packets are coming from trusted user. In essence, the
attacker is fooling (spoofing) the distant computer into believing that they are a legitimate member of the network. The goal
of the attack is to establish a connection that will allow the attacker to gain root access to the host, allowing the creation
of a backdoor entry path into the target system.
A B S T R A C T
datagramsfromthesame sourcetake differentpaths to
make it to the destination. Since the network has vari-
able delays,it is notguaranteed that the datagrams will
be received in sequence. IP only tries for a best-effort
delivery.Itdoesnottakecareoflostpackets;thisisleft
to the higher layer protocols. There is no state main-
tained between two datagrams; in other words, IP is
connection-less
3.2TransmissionControlProtocol-TCP
IP can be thought of as a routing wrapper for layer 4
(transport), which contains the Transmission Control
Protocol(TCP).UnlikeIP,TCPusesaconnection-ori-
enteddesign.ThismeansthattheparticipantsinaTCP
session must first build a connection - via the 3-way
handshake (SYN-SYN/ACK-ACK) - then update one
another on progress - via sequences and
acknowledgements.This"conversation",ensuresdata
reliability, since the sender receives an OK from the
recipient after each packet exchange.
3.3 ConsequencesoftheTCP/IPDesign
Nowthat we have an overviewof the TCP/IP
formats, let's examine the consequences. Obviously,
it'sveryeasytomaskasourceaddressbymanipulating
an IP header. This technique is used for obvious rea-
sons and is employed in several of the attacks dis-
cussed below. Another consequence, specific to TCP,
is sequence number prediction, which can lead to ses-
sion hijacking or host impersonating. This method
builds on IP spoofing, since a session, albeit a false
one, is built. We will examine the ramifications of this
in the attacks discussed below.
SpoofingAttacks
There are a few variations on the types of
attacksthatsuccessfullyemployIPspoofing.Although
*B.Tec(CSE)
2. 45SHODH, SAMIKSHA AUR MULYANKAN
International Indexed & Refereed Research Journal, ISSN 0974-2832,(Print) E- ISSN-2320-5474, December,2013, VOL-V * ISSUE- 59
some are relatively dated, others are very pertinent to
current security concerns. IP-spoofing consists of
several steps, which I will briefly outline here, then
explain in detail. First, the targethost is chosen. Next,
a pattern of trust is discovered, along with a trusted
host. The trusted host is then disabled, and the target's
TCP sequence numbers are sampled. The trusted host
is impersonated, the sequence numbers guessed, and
a connection attempt is made to a service that only
requires address-based authentication. If successful,
the attacker executes a simple command to leave a
backdoor.
4.1MitnickAttack
4.2 Session Hijack
4.3 DosAttack
4.4Non-BlindSpoofing
4.5BlindSpoofing
MechanismOfTheAttack
They are supposed to go the trusted host. As
farasthenetworklayerisconcerned,thisiswherethey
originallycamefrom,andthisiswhereresponsesshould
go. Ofcourse oncethedatagrams arerouted there,and
theinformationisdemultiplexedup theprotocolstack,
and reachesTCP,itisdiscarded(thetrustedhost'sTCP
cannot respond-- see below). So the attacker has to be
smart and *know* what was sent, and *know* what
reponse the server is looking for. The attacker cannot
see what the target host sends, but she can *predict*
what it will send; that coupled with the knowledge of
what it *will* send, allows the attacker to work around
this blindness
infacttrustsomebody. Ifitdidn't,theattackwould end
here). Figuring out who a host trusts may or may not
beeasy. A'showmount-e'mayshowwherefilesystems
are exported, and rpcinfo can give out valuable infor-
mation as well. If enough background information is
known about the host, it should not be too difficult. If
allelse fails,trying neighboringIP addressesinabrute
force effort may be a viable option.
MethodsToPreventIpSpoofingAttack
6.1Packetfiltering
6.2 Filtering at the Router
6.3 Encryption and Authentication
6.4 Cryptographic Methods
ApplicationsOfIpSpoofing
7.1Asymmetricrouting(Splitting routing)
Asymmetric routing means traffic goes over
different interfaces for directions in and out. In other
words, asymmetric routing is when the response to a
packetfollowsadifferentpathfromonehosttoanother
thantheoriginalpacketdid.Themorecorrectandmore
general answer is, for any source IP address 'A' and
destination 'B', the path followed by any packet (re-
quest or response) from 'A' to 'B' is different than the
path taken by a packet from 'B' to 'A'.
After a target is chosen the attacker must
determine the patterns of trust (for the sake of argu-
ment, we are going to assume the target host *does*
Fig.ValidSourceIPAddress
7.2 Sat Dsl
SatelliteDSL(SATDSL)makesuseofasymmetricrout-
ing.
Fig. Satellite DSL
The advantage of a satellite network is to
provide high bandwidth services independent of the
3. 46 SHODH, SAMIKSHA AUR MULYANKAN
International Indexed & Refereed Research Journal, ISSN 0974-2832,(Print) E- ISSN-2320-5474, December,2013, VOL-V * ISSUE- 59
userslocationoverawidegeographicalarea.Asatellite
network consists of two types of stations: feeds and
receivers.Everyreceiverhasasatellitedishconnected
toauserstation.Theuserstationhasanextrainterface,
DSL modem connected to the ISP, this is called return
channel. All requests to Internet are sent via DSL
connection, and responses from Internet should be
routed by a feed on the satellite network. After the
informationis sentfromthe feed to asatellite,it willbe
broadcasttoallthereceiversthatbelongto thesatellite
coverage. Installing feeds in strategic positions over
the Internet will create shorter paths and higher band-
width provided by the satellite network. The user host
has therefore two IP addresses, one for the satellite
subnetwork and the other for the regular connection
subnetwork (return channel).
ThetrafficpathofsatelliteDSLis:
1. Following the Journey of a Spoofed Packet http://www.scs.carleton.ca/~dlwhyte/whytepapers/ipspoof.htm
2. NAT and Networks http://www.suse.de/~mha/linux-ip-nat/diplom/node4.html
3. Asymmetric routing - Jani Lakkakorpi http://keskus.hut.fi/tutkimus/ipana/paperit/QoSR/S130-QoSR-asymmetric.pdf
4. TCP/IP protocol suite - Thomas Toth
R E F E R E N C E
If one of these links were to do NAT, then they would
alter the source or destinations of the packet as it
passes through. Usually the link doing NAT will re-
member how it mangled a packet, and when a reply
packet passes through the other way, it will do the
reverse mangling on that reply packet, so everything
works.
Advantages
Freedom of spoofing. The attacker is not
bounded by a specific range of IPs. No wasted or
unneeded initiated packets. The attacker sends one
TCP/UDPpacket per port.No tracing of the original
scanner. Detection of the scanning machine
isimpossible at the IP layer.
Disadvantages
Noreplies.Therewillbenoreplypacketsarrivingatthe
scanning machine. No results. Since replies are not
received, the attacker won't know port status.
Conclusion
IP spoofing is less of a threat today due to the
patches to the Unix Operating system and the wide-
spread use of random sequence numbering. Many
securityexpertsare predictinga shift fromIP spoofing
attacks to application-related spoofing in which hack-
ers can exploit a weakness in a particular service to
send and receive information under false identities.As
Security professionals, we must remain current with
the Operating Systems that we use in our day to day
activities. A steady stream of changes and new chal-
lenges is assured as the hacker community continues
to seek out vulnerabilities and weaknesses in our sys-
tems and our networks.
Fig.TrafficPath of Satellite DSL
7.3NAT
NATisnetworkaddresstranslation.Normally,
packets on a network travel from their source to their
destinationthroughmanydifferentlinks.Noneofthese
links really alter your packet, they just send it onward.