Ip Spoofing Ppt
-
Upload
phani-kumar -
Category
Documents
-
view
175 -
download
24
Transcript of Ip Spoofing Ppt
IP SpoofingIP Spoofing BYBY
R.seetharama raoR.seetharama rao
BT – ITBT – IT
UNDER GUIDANCE OFUNDER GUIDANCE OF
Mr.murtuza
IP SPOOFING ?IP SPOOFING ?
• IP Spoofing is a technique used to gain IP Spoofing is a technique used to gain unauthorized access to computers.unauthorized access to computers.
– IP: Internet ProtocolIP: Internet Protocol
– Spoofing: using somebody else’s Spoofing: using somebody else’s informationinformation
• Exploits the trust relationshipsExploits the trust relationships
• Intruder sends messages to a computer with Intruder sends messages to a computer with an IP address of a trusted host.an IP address of a trusted host.
IP SPOOFINGIP SPOOFING
WHY IP SPOOFING IS EASY ?WHY IP SPOOFING IS EASY ?
Problem with the RoutersProblem with the Routers..
Routers look at Destination addresses only.Routers look at Destination addresses only.
Authentication based on Source addresses only.Authentication based on Source addresses only.
IP SPOOFING STEPSIP SPOOFING STEPS
• Selecting a target hostSelecting a target host
• Identify a host that the target “trust”Identify a host that the target “trust”
• Disable the trusted hostDisable the trusted host
• Connection attempt to a service that only Connection attempt to a service that only
requires address-based authentication.requires address-based authentication.
• If successfully connected, executes a simple If successfully connected, executes a simple
command to leave a backdoor.command to leave a backdoor.
Spoofing AttacksSpoofing Attacks
Spoofing is classified into :-Spoofing is classified into :-
1.1.Non-blind spoofingNon-blind spoofing
2.2.Blind spoofing Blind spoofing
3.3.Man - in - the – middle Man - in - the – middle
Detection of IP Detection of IP SpoofingSpoofing
If you monitor packets using network-If you monitor packets using network-monitoring software such as net log, look for monitoring software such as net log, look for a packet on your external interface that has a packet on your external interface that has both its source and destination IP addresses both its source and destination IP addresses in your local domain. If you find one, you are in your local domain. If you find one, you are
currently under attackcurrently under attack..
IP-Spoofing Counter-IP-Spoofing Counter-measuresmeasures
No insecure authenticated servicesNo insecure authenticated services
Disable commands like pingDisable commands like ping
Use encryptionUse encryption
IP Trace-backIP Trace-back
• To trace back as close to the attacker’s To trace back as close to the attacker’s
location as possiblelocation as possible
• Limited in reliability and efficiencyLimited in reliability and efficiency
• Require cooperation of many other Require cooperation of many other
network operators along the routing pathnetwork operators along the routing path
Applications Applications
Asymmetric routing (Splitting Asymmetric routing (Splitting
routing)routing)
NAT (Network Address Transaction)NAT (Network Address Transaction)
IP MasqueradeIP Masquerade
ADVANTAGESADVANTAGES
Multiple ServersMultiple Servers
Transparent ProxyingTransparent Proxying
DISADVANTAGESDISADVANTAGES
Blind to Replies :Blind to Replies : In the scanning attack as we will see In the scanning attack as we will see
next the attacker may need to see replies in such next the attacker may need to see replies in such cases ,the attacker can not use IP address cases ,the attacker can not use IP address spoofing .spoofing .
Serial attack platforms:Serial attack platforms: AAttacker attacks the target victim ttacker attacks the target victim
using a point host-the last host in the attack using a point host-the last host in the attack chain .Even if authorities learn the point host’s chain .Even if authorities learn the point host’s identityidentity
CONCLUSIONCONCLUSION
IP spoofing attacks is unavoidableIP spoofing attacks is unavoidable..
Understanding how and why spoofing Understanding how and why spoofing attacks are used, combined with a few attacks are used, combined with a few simple prevention methods, can help protect simple prevention methods, can help protect your network from these malicious cloaking your network from these malicious cloaking
and cracking techniquesand cracking techniques..
THANK YOU !THANK YOU !