SlideShare a Scribd company logo

IP Spoofing: Understanding and Preventing this Network Attack

Download as PPTX, PDF
P
priya_kp03

it is a precise and well designed presentation regarding the topic "IP SPOOFING".It can be useful for any computer science student seeking a good topic for papre presentation.

TechnologyEducation
1 of 21
IP SPOOFING SRIRANGAM PRIYANKA
AGENDA… 1.What is IP Spoofing???#4.WHAT IS IP SPOOFING??? 2.Why is IP Spoofing so easy? WHY IS IP SPOOFING EASY?? 3.Kinds of IP Spoofing. KINDS OF IP Spoofing.. 4. A brief idea regarding TCP header.TCP HEADER… 5.Mechanism of IP Spoofing. MECHANISM OF IP SPOOFING 6.Prevention of IP Spoofing. PREVENTION OF IP SPOOFING
CONTINUED… 7.Conclusion.CONCLUSION 8.References.REFERENCES…
WHAT IS IP SPOOFING???  The attacker uses an unauthorised internet protocol address(IP address) making itself appear as a trusted machine .  Prime weakness of IP address based networks.  Attacker does not care about receiving packets(Denial of Service) or it has some way of guessing the response.  Attacker may use an internal IP address or an authorised IP address from an external network.
WHY IS IP SPOOFING POSSIBLE??  None of the fields in an IP header are encrypted.  Easy to set an arbitrary destination address.  The destination has no way to ascertain that the datagram has actually originated from an IP address other than the one in the source address field.  Routers look at Destination addresses only.
KINDS OF IP Spoofing..  Nonblind Spoofing: used when the attacker is on the same subnet as the victim.  Attacker sniffs the packets and makes the sequence and acknowledge numbers available.
CONTINUED..  Blind Spoofing : Several packets are sent to the target machine in order to sample sequence numbers.  Host c sends an IP datagram with the address of some other host(host A) as the source address to host B. Attacked host(B) replies to the legitimate host(A).
TCP HEADER…  A connection oriented transport layer protocol.  Two important features that we need are sequence no. and the acknowledgement no.
CONTINUED…  Each party numbers the bytes sent with a different starting byte no.  When data are sent in segments, a sequence no. Is assigned to each segment, which is the no. of the first byte in the segment.  An acknowledgement no. is used to confirm the bytes a host has received .The ack is the no. of the net byte expected by the host.  SYN : a synchronise sequence no. flag.  ACK : an acknowledgement flag.
MECHANIM OF IP SPOOFING  A trusted host IP address of the same subnet or an external network is gained..
HOW TO FIND TARGET TCP SEQUENCE NO.???  Acquiring TCP sequence number of the target system using some other TCP port connection to the target just prior to launching the attack.  The target RTT(round trip time) is calculated , necessary to find the next sequence number.  Now the attack begins…
ATTACK MECHANISM... 3 cases may arise:- 1.Guessed sequence no.=sequence no. on the target TCP 2. Guessed sequence no.< sequence no. on the target TCP 3.Gussed sequence no.>sequence no. on the target TCP
CONTINUED.. 1. Z(b)- -SYN- ->A 2.B<- -SYN/ACK- -A 3.Z(b)- -ACK- ->A 4.Z(b)- -PSH- -> A  After the compromise , the attacker will insert a backdoor into the system , that will allow a simple way of intrusion.( A command like ‘cat + + >> ~/.rhosts’ can be used.)
PREVENTION OF IP SPOOFING PACKET FILTERING: Packets entering and leaving the network should be filtered  Egress filtering checks the packets leaving the network ensuring malicious packets don’t leave the network.  Ingress filtering checks that incoming packets are from the network they claim to be from.(echo2>/proc/sys/net/ipv4/conf/*/rp_filter)
PACKET FILTERING DEMO
FILTERING AT THE ROUTER : If a site has direct access to the internet , routers can be used.  Only hosts on internal network can participate in trust-relationships , then simply filter out all outside traffic that purports to come from inside.  An access control list should be maintained to block private IP addresses on the downstream interface.
ENCRYPTION AND AUTHENTICATION…  All host based authentication measures should be eliminated.  Implement cryptographic authentication system-wide.  If trusted hosts from external network are allowed ,enable encryption session at the router.
CONCLUSION  IP Spoofing is a difficult problem to tackle, because it is related to the IP packet structure.  Although there is no easy solution for the IP spoofing problem, we can apply some simple proactive and reactive methods at the nodes, and use the routers in the network to help detect a spoofed packet and trace it back to its originating source.
Thank You… Any Questions???
REFERENCES… 1.IP Spoofing, A journal by Farha Ali , Lander University. 2.IP spoofing (http://bear.cba.ufl.edu/teets/projects/ISM6222F102/perryna/index.htm l) 3.Bellovin, S.M, “Security problems in the TCP/IP protocol suite”. AT&T Bell Laboratories, Murray Hill, New Jersey 07974 (http://www.research.att.com/~smb/papers/ipext.pdf) 4.Toth,Thomas,TCP/IP protocol suite . (http://www.infosys.tuwien.ac.at/Teaching/Courses/InetSec/slides/sli des2.pdf) 5. http://www.webopedia.com/TERM/I/IP_spoofing.html

Recommended

Ipspoofing
IpspoofingIpspoofing
IpspoofingAkhil Kumar
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing pptAnushakp9
 
IP Spoofing
IP SpoofingIP Spoofing
IP SpoofingAkmal Hussain
 
Presentation1
Presentation1Presentation1
Presentation1Rahul Polara
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingRoushan Jha
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip Spoofingarpit.arp
 
Icmp
IcmpIcmp
IcmpAbhishek Kesharwani
 

Recommended

Ipspoofing
IpspoofingIpspoofing
IpspoofingAkhil Kumar
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing pptAnushakp9
 
IP Spoofing
IP SpoofingIP Spoofing
IP SpoofingAkmal Hussain
 
Presentation1
Presentation1Presentation1
Presentation1Rahul Polara
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingRoushan Jha
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip Spoofingarpit.arp
 
Icmp
IcmpIcmp
IcmpAbhishek Kesharwani
 
Packet sniffing
Packet sniffingPacket sniffing
Packet sniffingShyama Bhuvanendran
 
Spoofing
SpoofingSpoofing
SpoofingGreater Noida Institute Of Technology
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacksApijay Kumar
 
ip spoofing
ip spoofingip spoofing
ip spoofingmohan babu
 
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherSpoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherPankaj Dubey
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingDhrumil Shah
 
Packet sniffing in LAN
Packet sniffing in LANPacket sniffing in LAN
Packet sniffing in LANArpit Suthar
 
RARP, BOOTP, DHCP and PXE Protocols
RARP, BOOTP, DHCP and PXE ProtocolsRARP, BOOTP, DHCP and PXE Protocols
RARP, BOOTP, DHCP and PXE ProtocolsPeter R. Egli
 
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSDay 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSanilinvns
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
Himanshupptx
HimanshupptxHimanshupptx
HimanshupptxHimanshu Chaurishiya
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Distance Vector Multicast Routing Protocol (DVMRP) : Presentation
Distance Vector Multicast Routing Protocol (DVMRP) : PresentationDistance Vector Multicast Routing Protocol (DVMRP) : Presentation
Distance Vector Multicast Routing Protocol (DVMRP) : PresentationSubhajit Sahu
 
Spoofing
SpoofingSpoofing
SpoofingSanjeev
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scannern|u - The Open Security Community
 
Icmp V4 And Icmp V6
Icmp V4 And Icmp V6Icmp V4 And Icmp V6
Icmp V4 And Icmp V6Ram Dutt Shukla
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH NetProtocol Xpert
 
ip spoofing
ip spoofingip spoofing
ip spoofingvipin soni
 
Spoofing Techniques
Spoofing TechniquesSpoofing Techniques
Spoofing TechniquesRaza_Abidi
 

More Related Content

What's hot

Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacksApijay Kumar
 
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherSpoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherPankaj Dubey
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocolasimnawaz54
 
Packet sniffing in LAN
Packet sniffing in LANPacket sniffing in LAN
Packet sniffing in LANArpit Suthar
 
RARP, BOOTP, DHCP and PXE Protocols
RARP, BOOTP, DHCP and PXE ProtocolsRARP, BOOTP, DHCP and PXE Protocols
RARP, BOOTP, DHCP and PXE ProtocolsPeter R. Egli
 
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSDay 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSanilinvns
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)ISMT College
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffersleminhvuong
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Distance Vector Multicast Routing Protocol (DVMRP) : Presentation
Distance Vector Multicast Routing Protocol (DVMRP) : PresentationDistance Vector Multicast Routing Protocol (DVMRP) : Presentation
Distance Vector Multicast Routing Protocol (DVMRP) : PresentationSubhajit Sahu
 
Spoofing
SpoofingSpoofing
SpoofingSanjeev
 

What's hot (20)

Packet sniffing
Packet sniffingPacket sniffing
Packet sniffing
 
Spoofing
SpoofingSpoofing
Spoofing
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacks
 
ip spoofing
ip spoofingip spoofing
ip spoofing
 
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherSpoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
 
Internet control message protocol
Internet control message protocolInternet control message protocol
Internet control message protocol
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip Spoofing
 
Packet sniffing in LAN
Packet sniffing in LANPacket sniffing in LAN
Packet sniffing in LAN
 
RARP, BOOTP, DHCP and PXE Protocols
RARP, BOOTP, DHCP and PXE ProtocolsRARP, BOOTP, DHCP and PXE Protocols
RARP, BOOTP, DHCP and PXE Protocols
 
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERSDay 1 INTRODUCTION TO IOS AND CISCO ROUTERS
Day 1 INTRODUCTION TO IOS AND CISCO ROUTERS
 
Access Control List (ACL)
Access Control List (ACL)Access Control List (ACL)
Access Control List (ACL)
 
Module 5 Sniffers
Module 5 SniffersModule 5 Sniffers
Module 5 Sniffers
 
Himanshupptx
HimanshupptxHimanshupptx
Himanshupptx
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for network
 
Distance Vector Multicast Routing Protocol (DVMRP) : Presentation
Distance Vector Multicast Routing Protocol (DVMRP) : PresentationDistance Vector Multicast Routing Protocol (DVMRP) : Presentation
Distance Vector Multicast Routing Protocol (DVMRP) : Presentation
 
Spoofing
SpoofingSpoofing
Spoofing
 
NMAP - The Network Scanner
NMAP - The Network ScannerNMAP - The Network Scanner
NMAP - The Network Scanner
 
Icmp V4 And Icmp V6
Icmp V4 And Icmp V6Icmp V4 And Icmp V6
Icmp V4 And Icmp V6
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH
 

Viewers also liked

Spoofing Techniques
Spoofing TechniquesSpoofing Techniques
Spoofing TechniquesRaza_Abidi
 
Ip spoofing (seminar report)
Ip spoofing (seminar report)Ip spoofing (seminar report)
Ip spoofing (seminar report)Rahul Polara
 
Web spoofing hacking
Web spoofing hackingWeb spoofing hacking
Web spoofing hackingjignesh khunt
 
Security problems in TCP/IP
Security problems in TCP/IPSecurity problems in TCP/IP
Security problems in TCP/IPSukh Sandhu
 
Email phising and spoofing hurting your business
Email phising and spoofing hurting your businessEmail phising and spoofing hurting your business
Email phising and spoofing hurting your businessMithi SkyConnect
 
Introduction to TCP/IP
Introduction to TCP/IPIntroduction to TCP/IP
Introduction to TCP/IPMichael Lamont
 

Viewers also liked (20)

ip spoofing
ip spoofingip spoofing
ip spoofing
 
Spoofing Techniques
Spoofing TechniquesSpoofing Techniques
Spoofing Techniques
 
Ip spoofing (seminar report)
Ip spoofing (seminar report)Ip spoofing (seminar report)
Ip spoofing (seminar report)
 
Web spoofing
Web spoofingWeb spoofing
Web spoofing
 
Spoofing
SpoofingSpoofing
Spoofing
 
Spoofing
SpoofingSpoofing
Spoofing
 
Phishing
PhishingPhishing
Phishing
 
Web spoofing hacking
Web spoofing hackingWeb spoofing hacking
Web spoofing hacking
 
Security problems in TCP/IP
Security problems in TCP/IPSecurity problems in TCP/IP
Security problems in TCP/IP
 
Hyper threading
Hyper threadingHyper threading
Hyper threading
 
Tcp
TcpTcp
Tcp
 
Duan
DuanDuan
Duan
 
Email phising and spoofing hurting your business
Email phising and spoofing hurting your businessEmail phising and spoofing hurting your business
Email phising and spoofing hurting your business
 
Introduction to TCP/IP
Introduction to TCP/IPIntroduction to TCP/IP
Introduction to TCP/IP
 
TCP/IP
TCP/IPTCP/IP
TCP/IP
 
TCP/IP Basics
TCP/IP BasicsTCP/IP Basics
TCP/IP Basics
 
Mobile agents
Mobile agentsMobile agents
Mobile agents
 
Objective-C
Objective-CObjective-C
Objective-C
 
Image inpainting
Image inpaintingImage inpainting
Image inpainting
 
Objective c slide I
Objective c slide IObjective c slide I
Objective c slide I
 

Similar to IP Spoofing: Understanding and Preventing this Network Attack

Hacking Cisco Networks and Countermeasures
Hacking Cisco Networks and CountermeasuresHacking Cisco Networks and Countermeasures
Hacking Cisco Networks and Countermeasuresdkaya
 
Lecture 7 Attacker and there tools.pptx
Lecture 7 Attacker and there tools.pptxLecture 7 Attacker and there tools.pptx
Lecture 7 Attacker and there tools.pptxAsmaaLafi1
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigationsMukesh Chaudhari
 
Node finder presentation
Node finder presentationNode finder presentation
Node finder presentationVarun Varshney
 
Module 10 (session hijacking)
Module 10 (session hijacking)Module 10 (session hijacking)
Module 10 (session hijacking)Wail Hassan
 
Ceh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingCeh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingVi Tính Hoàng Nam
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question CollectionManish Luintel
 
Detection and analysis_of_syn_flood_ddos
Detection and analysis_of_syn_flood_ddosDetection and analysis_of_syn_flood_ddos
Detection and analysis_of_syn_flood_ddosOleh Stupak
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxMahdiHasanSowrav
 
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...ClaraZara1
 
poofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdj
poofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdjpoofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdj
poofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdjAjithsuresh12
 
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...ijsptm
 

Similar to IP Spoofing: Understanding and Preventing this Network Attack (20)

Sudheer tech seminor
Sudheer tech seminorSudheer tech seminor
Sudheer tech seminor
 
Hacking Cisco
Hacking CiscoHacking Cisco
Hacking Cisco
 
Hacking Cisco Networks and Countermeasures
Hacking Cisco Networks and CountermeasuresHacking Cisco Networks and Countermeasures
Hacking Cisco Networks and Countermeasures
 
Lecture 7 Attacker and there tools.pptx
Lecture 7 Attacker and there tools.pptxLecture 7 Attacker and there tools.pptx
Lecture 7 Attacker and there tools.pptx
 
Attacks and their mitigations
Attacks and their mitigationsAttacks and their mitigations
Attacks and their mitigations
 
INTERNATIONAL INDEXED REFEREED RESEARCH PAPER
INTERNATIONAL INDEXED REFEREED RESEARCH PAPERINTERNATIONAL INDEXED REFEREED RESEARCH PAPER
INTERNATIONAL INDEXED REFEREED RESEARCH PAPER
 
Node finder presentation
Node finder presentationNode finder presentation
Node finder presentation
 
Firewall Facts
Firewall FactsFirewall Facts
Firewall Facts
 
Module 10 (session hijacking)
Module 10 (session hijacking)Module 10 (session hijacking)
Module 10 (session hijacking)
 
Ceh v5 module 10 session hijacking
Ceh v5 module 10 session hijackingCeh v5 module 10 session hijacking
Ceh v5 module 10 session hijacking
 
3.Network
3.Network3.Network
3.Network
 
6.Routing
6.Routing6.Routing
6.Routing
 
spoofing.ppt
spoofing.pptspoofing.ppt
spoofing.ppt
 
CEHv7 Question Collection
CEHv7 Question CollectionCEHv7 Question Collection
CEHv7 Question Collection
 
Detection and analysis_of_syn_flood_ddos
Detection and analysis_of_syn_flood_ddosDetection and analysis_of_syn_flood_ddos
Detection and analysis_of_syn_flood_ddos
 
Scanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptxScanning and Enumeration in Cyber Security.pptx
Scanning and Enumeration in Cyber Security.pptx
 
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...
The Fight against IP Spoofing Attacks: Network Ingress Filtering Versus First...
 
poofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdj
poofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdjpoofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdj
poofing.ppt jrjejjhhhhhhhhhhthfjrjejejejejdjdj
 
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
 
Ceh v5 module 03 scanning
Ceh v5 module 03 scanningCeh v5 module 03 scanning
Ceh v5 module 03 scanning
 

Recently uploaded

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

IP Spoofing: Understanding and Preventing this Network Attack

  • 1. IP SPOOFING SRIRANGAM PRIYANKA
  • 2. AGENDA… 1.What is IP Spoofing???#4.WHAT IS IP SPOOFING??? 2.Why is IP Spoofing so easy? WHY IS IP SPOOFING EASY?? 3.Kinds of IP Spoofing. KINDS OF IP Spoofing.. 4. A brief idea regarding TCP header.TCP HEADER… 5.Mechanism of IP Spoofing. MECHANISM OF IP SPOOFING 6.Prevention of IP Spoofing. PREVENTION OF IP SPOOFING
  • 4. WHAT IS IP SPOOFING???  The attacker uses an unauthorised internet protocol address(IP address) making itself appear as a trusted machine .  Prime weakness of IP address based networks.  Attacker does not care about receiving packets(Denial of Service) or it has some way of guessing the response.  Attacker may use an internal IP address or an authorised IP address from an external network.
  • 5. WHY IS IP SPOOFING POSSIBLE??  None of the fields in an IP header are encrypted.  Easy to set an arbitrary destination address.  The destination has no way to ascertain that the datagram has actually originated from an IP address other than the one in the source address field.  Routers look at Destination addresses only.
  • 6. KINDS OF IP Spoofing..  Nonblind Spoofing: used when the attacker is on the same subnet as the victim.  Attacker sniffs the packets and makes the sequence and acknowledge numbers available.
  • 7. CONTINUED..  Blind Spoofing : Several packets are sent to the target machine in order to sample sequence numbers.  Host c sends an IP datagram with the address of some other host(host A) as the source address to host B. Attacked host(B) replies to the legitimate host(A).
  • 8. TCP HEADER…  A connection oriented transport layer protocol.  Two important features that we need are sequence no. and the acknowledgement no.
  • 9. CONTINUED…  Each party numbers the bytes sent with a different starting byte no.  When data are sent in segments, a sequence no. Is assigned to each segment, which is the no. of the first byte in the segment.  An acknowledgement no. is used to confirm the bytes a host has received .The ack is the no. of the net byte expected by the host.  SYN : a synchronise sequence no. flag.  ACK : an acknowledgement flag.
  • 10. MECHANIM OF IP SPOOFING  A trusted host IP address of the same subnet or an external network is gained..
  • 11.
  • 12. HOW TO FIND TARGET TCP SEQUENCE NO.???  Acquiring TCP sequence number of the target system using some other TCP port connection to the target just prior to launching the attack.  The target RTT(round trip time) is calculated , necessary to find the next sequence number.  Now the attack begins…
  • 13. ATTACK MECHANISM... 3 cases may arise:- 1.Guessed sequence no.=sequence no. on the target TCP 2. Guessed sequence no.< sequence no. on the target TCP 3.Gussed sequence no.>sequence no. on the target TCP
  • 14. CONTINUED.. 1. Z(b)- -SYN- ->A 2.B<- -SYN/ACK- -A 3.Z(b)- -ACK- ->A 4.Z(b)- -PSH- -> A  After the compromise , the attacker will insert a backdoor into the system , that will allow a simple way of intrusion.( A command like ‘cat + + >> ~/.rhosts’ can be used.)
  • 15. PREVENTION OF IP SPOOFING PACKET FILTERING: Packets entering and leaving the network should be filtered  Egress filtering checks the packets leaving the network ensuring malicious packets don’t leave the network.  Ingress filtering checks that incoming packets are from the network they claim to be from.(echo2>/proc/sys/net/ipv4/conf/*/rp_filter)
  • 17. FILTERING AT THE ROUTER : If a site has direct access to the internet , routers can be used.  Only hosts on internal network can participate in trust-relationships , then simply filter out all outside traffic that purports to come from inside.  An access control list should be maintained to block private IP addresses on the downstream interface.
  • 18. ENCRYPTION AND AUTHENTICATION…  All host based authentication measures should be eliminated.  Implement cryptographic authentication system-wide.  If trusted hosts from external network are allowed ,enable encryption session at the router.
  • 19. CONCLUSION  IP Spoofing is a difficult problem to tackle, because it is related to the IP packet structure.  Although there is no easy solution for the IP spoofing problem, we can apply some simple proactive and reactive methods at the nodes, and use the routers in the network to help detect a spoofed packet and trace it back to its originating source.
  • 21. REFERENCES… 1.IP Spoofing, A journal by Farha Ali , Lander University. 2.IP spoofing (http://bear.cba.ufl.edu/teets/projects/ISM6222F102/perryna/index.htm l) 3.Bellovin, S.M, “Security problems in the TCP/IP protocol suite”. AT&T Bell Laboratories, Murray Hill, New Jersey 07974 (http://www.research.att.com/~smb/papers/ipext.pdf) 4.Toth,Thomas,TCP/IP protocol suite . (http://www.infosys.tuwien.ac.at/Teaching/Courses/InetSec/slides/sli des2.pdf) 5. http://www.webopedia.com/TERM/I/IP_spoofing.html