Presentation on how to chat with PDF using ChatGPT code interpreter
Ip Spoofing
1. NETWORK SECURITY A PAPER ON P ITFALLS AND PROBLEMS ENCOUNTERED IN IP-SPOOFING Arpit Gupta Deepika Chug
2. Bad Practices Spread It is easy to see the faults of others but not so easy to see one’s own faults If I just open a bunch of ports in the firewall my app will work. I think I will wedge the computer room door open. Much easier. They have blocked my favorite Web site. Lucky I have a modem. I think I will use my first name as a password. Say, we run a network too. How do you configure your firewalls? Why do we need the door locked? Hey, nice modem. What's the number of that line? I can never think of a good password. What do you use?
3. Understanding The Landscape Author Script-Kiddie Hobbyist Hacker Expert Specialist Vandal Thief Spy Trespasser National Interest Personal Gain Personal Fame Curiosity
4. An Evolving Threat Hobbyist Hacker Expert Specialist Largest area by volume Largest area by $ lost Script-Kiddie Largest segment by $ spent on defense Fastest growing segment Author Vandal Thief Spy Trespasser National Interest Personal Gain Personal Fame Curiosity
5. IP -> Internet Protocol.. Spoofing -> Hiding.. It is a trick played on servers to fool the target computers into thinking that it is receiving data from source other than the trusted host. This Attack is actually a Trust-Relationship Exploitation. “ Things are not what they seem and that is why the world gets conned” WHAT IS IP-SPOOFING ???
6. A B C B is on line A disguising his voice,making it sound more like that of B If we now,replace the 3 people by computers and change the term “voice” with “IP-Address” then you would know what we mean by IP-SPOOFING… REAL LIFE EXAMPLE TO EXPLAIN WHAT IS IP SPOOFING.
8. C B A CLIENT HOST A B C PACKETS DISCRIPTION: SYN =client’s ISN (4894305) ACK= 0 SYN= Host’s ISN (1896955367) ACK= client’s ISN +1 (4894306) ACK= Host’s ISN +1 (1896955368) THE 3-WAY HANDSHAKE ..
9.
10. THE ATTACK HACKER 203.45.98.01 VICTIM 202.14.12.10 FAKE 202.23.45.89 Remote Host Packets with IP Address of Trusted Host (FAKE) Attacking Host
11. THE ATTACK VICTIM 202.14.12.10 FAKE 202.23.45.89 Trusted Host SYN / ACK PACKETS , Remote Host
12. As soon as we find the TRUSTED-HOST ( FAKE),our next Step is to disable it. WHY ???? “ -- FAKE must not at any time respond to the SYN/ACK packet send by VICTIM -- “ How to do it ???? Use up all the memory of TRUSTED-HOST so that it will not able to respond to the SYN/ACK packet sent to it by the VICTIM . So one very easy method of doing so is to Perform the SYN Flooding Denial of Service Attack TRUSTED HOST DISABLING..
13. SYN SYN SYN SYN SYN SYN QUEUE FULL There is a upper limit of how many concurrent SYN request TCP can process for a given socket, this limit is called BACKLOG LIMIT B A C k L O G Q U E U E Backlog limit = length (Queue) SO what is SYN FLOODing ???
19. Our network is secure, right? Oh sure, Don’t worry. We have several firewalls
20. Initial Sequence Number (ISN) Randomizing ISN Incrementation At every connection --incremented by 64,000 At every sec. – incremented by 128,000 Its value gets wrapped every 9.32hrs. So,it’s easy for any genius to do the guesswork and calculate the correct sequence number
21.
22. CONCLUSION IP-Spoofing is an exploitation of trust-based relationship and can be curbed effectively if proper measures are used.Understanding how and why spoofing attacks are used , combined with a few simple prevention methods, can help protect networks from these malicious cloaking and cracking techniques.
24. IP-Spoofing Software In Technical Discussion Client Client Client/Server Target Victim Hacker Part 1 : Target is being attacked 192.168.1.2 192.168.1.20 192.168.1.30 Target is being attacked With the UDP packets, when No measures were taken UDP 192.168.1.20
25. IP-Spoofing Software In Technical Discussion Client Client Client/Server Target Victim Hacker Part 2 : Target is being attacked but the software is interface to this 192.168.1.2 192.168.1.20 192.168.1.30 The s/w UDP 192.168.1.20 UDP 192.168.1.20
26. IP-Spoofing Software In technical Discussion Part 3: The s/w Role as an Interface 1)Scans all the Registered IP Addresses for their Authenticity. myip log file (List of registered clients) While scanning these it also resolves The respective Mac Address at runtime. 2) (Maintains the list of spoofed Clients) log file
27. IP-Spoofing Software In technical Discussion Part 3.1: The s/w Role as an Interface 3) Maintains the list of Registered Clients whenever they communicate. myhost log file (List of registered clients) 4)The unauthorised user is blocked.
28.
29. UDP HEADER 16 32 Source port Destination port Length Checksum Data
30. 16 32 bits Source port Destination port Sequence number Acknowledgement number Offset Resrvd U A P R S F Window Checksum Urgent pointer Option + Padding Data TCP header structure