20-06-2011, 12:57 PM
seminar report.doc (Size: 699.5 KB / Downloads: 108)
INTRODUCTION
In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system
Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.
A common misconception is that "IP spoofing" can be used to hide your IP address while surfing the Internet, chatting on-line, sending e-mail, and so forth. This is generally not true. Forging the source IP address causes the responses to be misdirected, meaning you cannot create a normal network connection.
However, IP spoofing is an integral part of many network attacks that do not need to see responses (blind spoofing).
Examples of spoofing:
Man-in-the-middle
Packet sniffs on link between the two end points, and can therefore pretend to be one end of the connection
Routing redirect
Redirects routing information from the original host to the hacker's host (this is another form of man-in-the-middle attack).
Source routing
Redirects individual packets by hackers host
Blind spoofing
Predicts responses from a host, allowing commands to be sent, but can't get immediate feedback.
Flooding
SYN flood fills up receive queue from random source addresses; smurf/fraggle spoofs victims address, causing everyone respond to the victim.
OSI MODEL
The standard model for networking protocols and distributed applications is the International Standard Organization's Open System Interconnect (ISO/OSI) model. It defines seven network layers.
Short for Open System Interconnection, an ISO standard for worldwide communications that defines a networking framework for implementing protocols in seven layers. Control is passed from one layer to the next, starting at the application layer in one station, and proceeding to the bottom layer, over the channel to the next station and back up the hierarchy.
At one time, most vendors agreed to support OSI in one form or another, but OSI was too loosely defined and proprietary standards were too entrenched. Except for the OSI-compliant X.400 and X.500 e-mail and directory standards, which are widely used, what was once thought to become the universal communications standard now serves as the teaching model for all other protocols.
Control is passed from one layer to the next, starting at the application layer in one station, and proceeding to the bottom layer, over the channel to the next station and back up the hierarchy.