Definition

Criminals have long employed the tactic of masking their true identity, from
disguises to aliases to caller-id blocking. It should come as no surprise, then,
that criminals who conduct their nefarious activities on networks and computers
employ such techniques. IP spoofing is one of the most common forms of on-line
camouflage. In IP spoofing, an attacker gains unauthorized access to a computer
or a network by making it appear that a malicious message has come from a
trusted machine by "spoofing" the IP address of that machine. In the subsequent
pages of this report, we will examine the concepts of IP spoofing: why it is
possible, how it works, what it is used for and how to defend against it.

Brief History of IP Spoofing

The concept of IP spoofing was initially discussed in academic circles in the
1980s. In the April 1989 article entitled "Security Problems in the TCP/IP
Protocol Suite", author S. M. Bellovin of AT&T Bell Labs was among the first to
identify IP spoofing as a real risk to computer networks. Bellovin describes how
Robert Morris, creator of the now infamous Internet Worm, figured out how TCP
created sequence numbers and forged a TCP packet sequence. This TCP packet
included the destination address of his "victim", and using an IP spoofing
attack Morris was able to obtain root access to his targeted system without a
user ID or password. Another infamous attack, Kevin Mitnick's Christmas Day
crack of Tsutomu Shimomura's machine, employed the IP spoofing and TCP sequence
prediction techniques. While the popularity of such cracks has decreased due to
the demise of the services they exploited, spoofing can still be used and needs
to be addressed by all security administrators.

A common misconception is that "IP spoofing" can be used to hide your IP address
while surfing the Internet, chatting on-line, sending e-mail, and so forth. This
is generally not true. Forging the source IP address causes the responses to be
misdirected, meaning you cannot create a normal network connection. However, IP
spoofing is an integral part of many network attacks that do not need to see
responses (blind spoofing).

2. TCP/IP Protocol Suite

IP spoofing exploits the flaws in the TCP/IP protocol suite. In order to
completely understand how these attacks can take place, one must examine the
structure of the TCP/IP protocol suite. A basic understanding of these headers
and network exchanges is crucial to the process.

2.1 Internet Protocol - IP
The Internet Protocol (or IP, as it is generally known) is the network layer of
the Internet. IP provides a connection-less service. The job of IP is to route
and send a packet to the packet's destination. IP provides no guarantee
whatsoever for the packets it tries to deliver.
The IP packets are usually termed datagrams.
The datagrams go through a series of routers before they reach the destination.
At each node that the datagram passes through, the node determines the next hop
for the datagram and routes it to the next hop. Since the network is dynamic,
it is possible that two datagrams from the same source take different paths to
make it to the destination. Since the network has variable delays, it is not guaranteed
that the datagrams will be received in sequence. IP only tries for a best-effort
delivery. It does not take care of lost packets; this is left to the higher layer
protocols. There is no state maintained between two datagrams; in other words,
IP is connection-less.
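
The stateless datagram described above carries its source address as an ordinary
header field, so a receiver can only judge whether that address is plausible for
the interface the packet arrived on. The Python below is an added example, not
part of the original report: it decodes the fixed IPv4 header and applies that
border-filter check, going slightly beyond this section to show the defense the
report introduces. The prefix 192.0.2.0/24, the interface labels and all
function names are assumptions made for the illustration.

```python
import ipaddress
import struct

# Assumption for this example: the protected network uses this prefix.
INTERNAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]

def checksum(header: bytes) -> int:
    """Ones'-complement sum of 16-bit words (the IPv4 header checksum)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(packet: bytes) -> dict:
    """Decode the fixed 20-byte IPv4 header; raise ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    vihl, _, length, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {"src": ipaddress.ip_address(src), "dst": ipaddress.ip_address(dst),
            "ttl": ttl, "proto": proto, "total_len": length,
            # Zero means uncorrupted; it does not prove the source is genuine.
            "checksum_ok": checksum(packet[:ihl]) == 0}

def ingress_verdict(packet: bytes, arrived_on: str) -> str:
    """Border-filter decision; arrived_on is 'external' or 'internal'."""
    hdr = parse_ipv4(packet)
    if not hdr["checksum_ok"]:
        return "drop: bad header checksum"
    internal = any(hdr["src"] in net for net in INTERNAL_NETS)
    if arrived_on == "external" and internal:
        return "drop: internal source seen on external interface"
    if arrived_on == "internal" and not internal:
        return "drop: foreign source seen on internal interface"
    return "accept"

def sample_header(src: str, dst: str) -> bytes:
    """Constructed test input: a bare 20-byte header with a valid checksum."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 1, 0, 64, 6, 0,
                       ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed)
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:]

if __name__ == "__main__":
    pkt = sample_header("192.0.2.10", "192.0.2.20")
    print(ingress_verdict(pkt, "external"), "|", ingress_verdict(pkt, "internal"))
```

The same header passes the checksum on either interface; only the comparison
against the expected prefixes separates the two verdicts.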