Mogollon 0108 13 ip spoofing in an ip networks is

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: -the-Middle IP Packet Various IP Header Fields Source IP Address Upper Protocol Destination Header (i.e., TCP, IP Address UDP, ICMP) IP Header TCP IP Header VPN Data Data Payload Data IPsec IKE v2 TLS M. Mogollon – 01/08 - 13 IP Spoofing In an IP networks is difficult to know from where the information is coming from. An intruder uses IP spoofing by impersonating another user. The intruder creates a fake message with Alice’s address as the source address and requests a connection to Bob. When Bob receives the message, he will responds with an acknowledgment and the attack starts. IP packets are easily changed, so a spoofing attack makes a packet coming from one location appear to come from somewhere else. Packet Sniffing (Electronic Eavesdropping) In most Ethernet LANs, all the packets are available to the network interface card (NIC) which listens and responds only to packets specifically addressed to that NIC. It is possible to put the NIC in the promiscuous mode - meaning that the NIC collects every packet that passes by, even if the frame doesn’t belong to the NIC. A network analyzer is a legitimate sniffer that is used by the network administrator to collect data and messages as they are transmitted on the network for later analysis. Session Hijacking (Man-in-the-Middle) In a session hijacking, rather than attempting to initiate a session via spoofing, the attacker takes over an existing connection between two computers. Most session authentication occurs only at the start of the session. Once the connection is established, the intruder determines the connection sequence numbers between the two computers, and generates traffic that appears to come from either one of the communicating parties. IP Packet IP packets can be represented in several ways, in this class we will use either on those above. 13 VPN, IPSec and TLS IPsec Interlocking Technologies Cryptographic Security Mechanisms for IP • Authentication Header (AH) — Provides integrity and authentication without confidentiality to IP datagrams. — Available...
View Full Document

This note was uploaded on 05/26/2010 for the course TECH 6350 taught by Professor Mogollon during the Spring '10 term at University of Arkansas for Medical Sciences.

Ask a homework question - tutors are online