
IP address spoofing?

Computer networks communicate through the exchange of network data packets,
each containing multiple headers used for routing and to ensure transmission
continuity. One such header is the ‘Source IP Address’, which indicates the IP
address of the packet’s sender.

IP address spoofing is the act of falsifying the content of the Source IP header,
usually with randomized numbers, either to mask the sender’s identity or to launch a
reflected DDoS attack, as described below. IP spoofing is a default feature in most
DDoS malware kits and attack scripts, making it a part of most network-layer
distributed denial of service (DDoS) attacks.

Source routing attacks?


Source routing is a classic example of a spoofing attack, and a pretty old trick in itself.
The theory behind a source routing attack is that the sender can specify the route a packet
takes, rather than leaving the path to the routers. Because the packet then travels along the
route of the attacker's choice instead of the path the routers would have selected, packets can
be sent with a spoofed address and the spoofing attack is non-blind. Non-blind means that,
unlike Sequence Number Prediction attacks for example, the attacker can actually receive
packets back.

Tiny fragment attacks?


A Tiny Fragment attack abuses IP fragmentation, the process of breaking up a single
Internet Protocol (IP) datagram into multiple packets of smaller size. Every network link has
a characteristic maximum size of message that may be transmitted, called the maximum
transmission unit (MTU). If the fragment size is made small enough to force some of a TCP
packet’s header fields into the second fragment, filter rules that specify patterns for those
fields will not match. If the filtering implementation does not enforce a minimum fragment
size, a disallowed packet might be passed because it didn’t hit a match in the filter. STD 5,
RFC 791 states that, “Every Internet module must be able to forward a datagram of 68 octets
without further fragmentation.” This is because an Internet header may be up to 60 octets,
and the minimum fragment is 8 octets. IP fragmentation exploits (attacks) use the
fragmentation protocol within IP as an attack vector.
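
The minimum fragment size check that the paragraph above says a filter must enforce, written as an added example (not code from the original page). The function names, the 20-byte threshold and the sample packets with documentation-range addresses are assumptions made for illustration.

```python
import struct

TCP = 6
MIN_TCP_HEADER = 20  # assumption: require the full fixed TCP header in fragment 0

def build_ipv4(payload, offset_units=0, mf=False, proto=TCP, ihl_words=5):
    """Build a constructed sample IPv4 packet (checksum left at zero)."""
    flags_frag = (0x2000 if mf else 0) | offset_units  # MF bit + offset in 8-byte units
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0,
                         ihl_words * 4 + len(payload), 0x1234, flags_frag,
                         64, proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return header + b"\x00" * (ihl_words * 4 - 20) + payload  # zero-filled options

def check_fragment(packet):
    """Return 'pass' or a 'drop: ...' verdict for one IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "drop: not a complete IPv4 header"
    ihl = (packet[0] & 0x0F) * 4                 # header length in bytes (20..60)
    if ihl < 20 or len(packet) < ihl:
        return "drop: bad header length"
    total_len, = struct.unpack("!H", packet[2:4])
    flags_frag, = struct.unpack("!H", packet[6:8])
    offset = (flags_frag & 0x1FFF) * 8           # fragment offset in bytes
    payload_len = min(total_len, len(packet)) - ihl
    if packet[9] != TCP:
        return "pass"                            # this check only covers TCP
    if offset == 0 and payload_len < MIN_TCP_HEADER:
        return "drop: tiny first fragment"       # ports/flags pushed to fragment 2
    if 0 < offset < MIN_TCP_HEADER:
        return "drop: fragment starts inside TCP header"
    return "pass"

if __name__ == "__main__":
    samples = {
        # 60-octet IP header + 8 octets of TCP: the 68-octet case from RFC 791
        "68-octet first fragment": build_ipv4(b"\x00" * 8, mf=True, ihl_words=15),
        "second fragment at offset 8": build_ipv4(b"\x00" * 12, offset_units=1),
        "normal first fragment": build_ipv4(b"\x00" * 40, mf=True),
        "later fragment at offset 40": build_ipv4(b"\x00" * 40, offset_units=5),
    }
    for name, pkt in samples.items():
        print(f"{name}: {check_fragment(pkt)}")
```

The second rule covers the companion case: once tiny first fragments are dropped, any later fragment whose offset falls inside the first 20 bytes can only be carrying TCP header fields, so it is dropped too.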
