Understanding IP Spoofing In Network Security
In my previous articles, I have talked about different types of Denial Of Service attacks that can affect network security. In this article, I want to look at how IP spoofing in network security can affect networks. Follow me as we look at this together in this article.
IP Spoofing is essentially a technique used by hackers to gain unauthorised access to computers. Although this is the most common reason for IP spoofing, it is occasionally done simply to mask the origins of a DoS attack. In fact, DoS attacks often mask the actual IP address from which the attack is originating.
With IP Spoofing, the intruder sends messages to a computer system with an IP address indicating that the IP address is coming from a different IP address than it is actually coming from. If the intent is to gain unauthorized access thEn the spoofed IP address will be that of a system the target considers a trusted host.
to successfully perpetrate IP spoofing attack, the hacker must first find the IP address of a trusted source. Hacklers might employ a variety of techniques to find the IP address of a trusted host. After they have that trusted IP address, they can then modify the packet headers of there transmission header so that the packet will appear as if it is coming from that trusted host.
IP spoofing unlike many other types of attacks was actually known to security experts as a theoretical level before it was used in a real attack. The concept of spoofing was discussed in academic circles as early as the 1980s. Although the concept behind this technique was known for some time, it was theoretical until Robert Morris discovered a security weakness in the TCP protocol known as sequence prediction.
IP spoofing attacks are becoming less frequent, primarily because the avenue they use are becoming more secure and in some cases, they are no longer used. However, it can still be used. That is why security administrators must be aware of it.
The danger for IP spoofing is that some firewalls do not examine packets that seem to come from an internal IP address. Routing packets through filtering router is possible if they are configured to filter internal incoming packet whose source address is in the local domain.
Examples of routers configuration that are vulnerable to it are:
- 1. Routers to an external network that support multiple internal interfaces.
- 2. Proxy firewalls where the proxy applications use the source IP address for authentication.
- 3. Routers with two interfaces that support subnetting on the internal network.
- 4. Routers that do not filter packet whose source address is in the local domain.
Now Tell Us Your Own Side Of This Story.
We would also like to hear what you feel about the topic we discussed today. Your feedback is very important to us. Feel free to drop your comments and recommendations. If you have a contrary opinion, you can drop that too.
You can also become part of our Facebook Page CRMNigeria for more updates. You can do that by clicking on the link or searching for our page on Facebook.
You can also become part of our WhatsApp Group Here.
Enjoy Latest Music From across the globe. Download TubeNaira.