23-05-2014, 11:06 AM
A SEMINAR ON SPOOFING
An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication.
Designers of the Internet Protocol defined an IP address as a 32-bit number.
SPOOFING
A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host.
Steps Of IP Spoofing
Selecting a target host (the victim).
Identifying a host that the target “trusts”.
Disabling the trusted host and sampling the target’s TCP sequence numbers.
Attempting a connection to a service that only requires address-based authentication.
If the connection succeeds, executing a simple command to leave a backdoor.
Non-Blind Spoofing
Works on networks where the attacker and victim are on the same subnet.
In this situation, the attacker can sniff the network packets to know the sequence and acknowledgement numbers being sent in the packets.
Blind Spoofing
More complicated and difficult than the non-blind attack, because the sequence and acknowledgement numbers cannot be sniffed.
The attacker will send several packets to the target machine, guessing sequence and acknowledgement numbers in order to sample sequence numbers.
After sending several packets there may be a possibility to guess the right sequence number.
This attack takes a great deal of time and has a lesser probability of success.
Man In the Middle Attack
A common security violation that builds on both types of spoofing discussed above.
In this attack, an attacker intercepts a legitimate communication between two machines (server and client).
Then, the attacker controls the flow of data.
He can alter the information being exchanged by two machines without the knowledge of either the original sender or the recipient.
Denial of Service Attack
The main attack that uses IP spoofing, and the most difficult to defend against.
The attacker only tries to consume the bandwidth and resources of a server.
The attacker does not care about the response.
An attacker only wishes to flood the victim’s machine with as many packets as possible in a short amount of time in order to make the victim’s machine inaccessible to valid users.
Conclusion
IP spoofing attacks are unavoidable.
Understanding how and why spoofing attacks are used, combined with a few simple prevention methods, can help protect your network from these malicious cloaking and cracking techniques.
It’s better to be safe.
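Blind spoofing, as described above, only works when the target's TCP initial sequence numbers (ISNs) can be guessed from samples. The following Python example is added here and is not part of the original seminar text. It checks two ISN generators for that weakness: a constructed fixed-step counter, and an RFC 6528 style keyed generator in which HMAC-SHA256 stands in for the hash function. All addresses, ports, class names and function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around

class CounterISN:
    """Constructed model of a legacy stack: ISN grows by a fixed step per connection."""
    def __init__(self, start=1000, step=64000):
        self.value, self.step = start, step

    def next_isn(self, four_tuple, tick):
        self.value = (self.value + self.step) % MOD
        return self.value

class KeyedISN:
    """RFC 6528 style: ISN = timer + F(four-tuple, secret); HMAC-SHA256 stands in for F."""
    def __init__(self, secret=None):
        self.secret = secret or os.urandom(16)

    def next_isn(self, four_tuple, tick):
        digest = hmac.new(self.secret, repr(four_tuple).encode(), hashlib.sha256).digest()
        return (tick + int.from_bytes(digest[:4], "big")) % MOD

def isn_is_predictable(gen, samples=8, window=65535):
    """True if ISNs issued to one client predict the ISN issued to a different client."""
    server = ("192.0.2.10", 5000)  # constructed documentation address and port
    # ISNs an outside observer sees on its own connections (constructed client address).
    seen = [gen.next_isn(("198.51.100.7", 40000 + i) + server, tick=i * 250)
            for i in range(samples)]
    step = (seen[-1] - seen[-2]) % MOD   # last observed increment
    guess = (seen[-1] + step) % MOD      # linear extrapolation to the next ISN
    # ISN the server issues to a different client (constructed "trusted host").
    actual = gen.next_isn(("192.0.2.20", 1023) + server, tick=samples * 250)
    error = min((actual - guess) % MOD, (guess - actual) % MOD)
    return error <= window               # guess lands inside the accept window

if __name__ == "__main__":
    print("counter ISN predictable:", isn_is_predictable(CounterISN()))
    print("keyed ISN predictable:  ", isn_is_predictable(KeyedISN()))
```

With the keyed generator, every connection four-tuple gets its own secret offset, so samples taken from one address say nothing about the ISN issued to another address.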