TECHNICAL SEMINAR ON

IP SPOOFING
presented by
M.SUKANYA

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

JNTUA COLLEGE OF ENGINEERING KALIKIRI-517234
Content
 Introduction
 What is IP Spoofing
 Why IP spoofing is easy
 How IP Spoofing Works
 IP Spoofing Usaging
 History
 Applications
 Spoofing Attacks
 Stopping IP spoofing attacks
 Advantages
 Disadvantages
 Future Scope
 Conclusion
 Introduction

 IP Spoofing is one of the most common forms of on-

line camouflage.

 IP Spoofing gains an unauthorized access over a

network.
IP SPOOFING
 What is IP Spoofing

 An IP (Internet Protocol) address is the address that

reveals the identity of your Internet service provider
and your personal Internet connection.

 IP Spoofing hides the IP address by creating IP packets

with bogus IP addresses.
Why IP Spoofing Is easy

 IP routing is hop by hop.

 Routers look at destination addresses only.

 Authentication based on Source addresses only.

How IP Spoofing Works

 The Internet Protocol or IP is used for sending and receiving

data over the network.

 Each packet of information that is sent is identified by the IP

address.

 If you try to respond to the information, it will be sent to a

bogus IP address.
Why IP Spoofing is Used

 Hackers use IP spoofing so they do not get caught

spamming and to perpetrate denial of service attacks.

 IP Spoofing eliminates the need to provide a user name

and password to log onto the network.

Brief History of IP Spoofing

 The concept of IP spoofing was initially discussed in

academic circles in the 1980's.

 In the April 1989 article entitled: “Security Problems

in the TCP/Protocol Suite”, author S. M Bellovin of
AT & T Bell labs was among the first to identify IP
spoofing as a real risk to computer networks.
Applications of IP spoofing

 Many other attacks rely on IP spoofing mechanism,

for example SMURF attack (also known as ICMP

flooding).

 Denial of service (DoS) attacks uses IP Spoofing

mechanism.
Spoofing Attacks
 Non-Blind Spoofing

 Blind Spoofing

 Man in the Middle Attack

 Denial of Service Attack

Stopping IP Spoofing Attack

 Packet filtering

 Compression

 Cryptography

 Software to stop IP Spoofing

Advantages

 Multiple Servers : Sometimes you want to change where

packets heading into your network will go.

 Transparent Proxying : Sometimes you want to pretend that

each packet which passes through your Linux box is destined

for a program on the Linux box itself.

 Disadvantages

 Blind to Replies: A drawback to IP source address spoofing is

that reply packet will go back to the spoofed IP address rather

than to the attacker.

 Serial attack platforms: However, the attacker can still maintain

anonymity by taking over a chain of attack hosts.

 Conclusion

 IP spoofing is less of a threat today due to the patches to the Unix

Operating system and the widespread use of random sequence

numbering.

 Security professionals are predicting a shift from IP Spoofing to

application related spoofing.

References
 Internet Vulnerabilities Related to TCP/IP and T/TCP, ACM SIGCOMM,
Computer Communication Review

 Distributed System: Concepts and Design, Chapter 7, by Coulouris,

Dollimore, and Kindberg

 An Algebraic Approach to IP Trace-back, ACM Transactions on

Information and System Security, Vol. 5, No. 2, May 2002

 Network support for IP trace-back, IEEE/ACM Transactions on

Networking, Vol. 9, No. 3, June 2001
Thanks….