Important: Use custom search function to get better results from our thousands of pages

Use " " for compulsory search eg:"electronics seminar" , use -" " for filter something eg: "electronics seminar" -"/tag/" (used for exclude results from tag pages)

Tags: ip spoofing fire, ip spoofing file sharing, ip spoofing firewall, ip spoofing for mac, ip spoofing download, ip spoofing definition, ip spoofing detection, ip spoofing defense, ip spoofing demystified, on the state of ip spoofing defense, how is ip spoofing done, network hacking tools ip spoofing download, ip spoofing example, ip spoofing attack, ip spoofing app, ip spoofing attack rails, ip spoofing advantages, ip spoofing abstract, ip spoofing application, ip spoofing asa, ip spoofing advantages and disadvantages,
Ask More Info Of  A Seminar Ask More Info Of A Project Post Reply  Follow us on Twitter
03-03-2011, 03:06 PM
Post: #9
RE: ip spoofing seminar report
Prashant Singh

.ppt  myspoofing_presentation.ppt (Size: 3.77 MB / Downloads: 140)
ip spoofing
What is IP Spoofing?
 IP spoofing is a technique used to gain unauthorized access to computers, where by the attacker sends messages to a computer with a forging IP address indicating that the message is coming from a trusted host
 Attacker puts an internal, or trusted, IP address as its source. The access control device sees the IP address as trusted and lets it through
When Spoofing occurs?
 IP spoofing occurs when a hacker inside or outside a network impersonates the conversations of a trusted computer.
 Two general techniques of IP spoofing:
• A hacker uses an IP address that is within the range of trusted IP addresses.
• A hacker uses an authorized external IP address that is trusted
3-Way Handshake in TCP/IP
 The client selects and transmits an initial sequence number ISNC ,the server acknowledges it and sends its own sequence number ISNS ,and the client acknowledges it.
 The exchange may show schematically as follows

How Spoofing take place?
 Suppose, there is a way for an intruder X to predict ISNS .In this case , it could send the following sequence to impersonate trusted host T :
XàS: ACK(ISNS) , SRC=T , nasty data

• Basic Concept of IP Spoofing
• IP Spoofing
• Why IP Spoofing is so easy?
 Problem with the Routers.
 Routers look at Destination addresses only.
 Authentication based on Source addresses only.
 To change source address field in IP header field is easy by the use of the software.
• Types of Spoofing Attack
The number of IP Spoofing attacks are:
 Non-Blinding Attack
This attack take place when the Victim and the Attacker are on the same network.
 In this the we have to make the assumption to find the sequence number passed from Target to Victim.
• Non- Blinding Spoofing
• Spoofing Attacks
 Blind Spoofing
 It is mainly used to abuse the trust relationship between hosts.
 Today, most OSs implement random sequence number generation, making it difficult to predict them accurately.
 In this many packet are sent to the victim
• Spoofing Attacks:
• Blinding Attack
• Spoofing Attacks:
 Man in the Middle Attack( Connection Hijacking)
 In this the attacker control the gateway that is in the delivery route, he can
• sniff the traffic
• intercept / block / delay traffic
• modify traffic:
Spoofing Attacks:
 ICMP Echo attacks
• Map the hosts of a network
The attack sends ICMP echo datagram to all the hosts in a subnet, then he collects the replies and determines which hosts are alive.
• Denial of service attack (SMURF attack)
The attack sends spoofed (with victim‘s IP address) ICMP Echo Requests to subnets, the victim will get ICMP Echo Replies from every machine.
Smurf Attack
Spoofing Attacks:

 ICMP Redirect attacks
• ICMP redirect messages can be used to re-route traffic on specific routes or to a specific host that is not a router at all.
• The ICMP redirect attack is very simple: just send a spoofed ICMP redirect message that appears to come from the host‘s default gateway.
ICMP Redirect attacks
ICMP destination unreachable attacks

 ICMP destination unreachable message is used by gateways to state that the datagram cannot be delivered. It can be used to “cut” out nodes from the network. It is a denial of service attack (DOS)
An attacker injects many forged destination unreachable messages stating that is unreachable) into a subnet (e.g. 128.100.100.*). If someone from the 128.100.100.* net tries to contact, he will immediately get an ICMP Time Exceeded from the attacker‘s host. For 128.100.100.* this means that there is no way to contact, and therefore communication fails.
ICMP destination unreachable attacks
Stopping IP address spoofing attack
Packet filtering
The router that connects a network to another network is known as a border router. One way to mitigate the threat of IP spoofing is by inspecting packets when they leave and enter a network looking for invalid source IP addresses. If this type of filtering were performed on all border routers, IP address spoofing would be greatly reduced.
• Ingress Filtering
• Egress Filtering
Packet filtering
Detection of IP Spoofing

 If you monitor packets using network-monitoring software such as netlog, look for a packet on your external interface that has both its source and destination IP addresses in your local domain. If you find one, you are currently under attack
Detection of IP Spoofing
 Another way to detect IP spoofing is to compare the process accounting logs between systems on your internal network. If the IP spoofing attack has succeeded on one of your systems, you may get a log entry on the victim machine showing a remote access; on the apparent source machine, there will be no corresponding entry for initiating that remote access
How we prevent IP Spoofing?
To prevent IP spoofing happen in your network, the following are some common practices:
1- Avoid using the source address authentication. Implement cryptographic authentication system-wide.
2- Configuring your network to reject packets from the Net that claim to originate from a local address.
3- Implementing ingress and egress filtering on the border routers and implement an ACL (access control list) that blocks private IP addresses on your downstream interface.
If you allow outside connections from trusted hosts, enable encryption sessions
Our Misconception
Software for IP Spoofing

 Mac Spoofing
 Macaroni Screen Saver Bundle
 SpoofMAC
 sTerm
 MAC Change
Software to Stop IP Spoofing
 StopCut
 Find Mac Address pro
 SecurityGateway for Exchange / SMTP
 PacketCreator
 Responder Pro
21-03-2011, 04:23 PM
Post: #10
RE: ip spoofing seminar report

.doc  IP address spoofing.doc (Size: 200 KB / Downloads: 123)
IP address spoofing
In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system.
The basic protocol for sending data over the Internet network and many other computer networks is the Internet Protocol ("IP"). The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send response back to the forged source address, which means that this technique is mainly used when the attacker does not care about the response or the attacker has some way of guessing the response.
In certain cases, it might be possible for the attacker to see or redirect the response to his own machine. The most usual case is when the attacker is spoofing an address on the same LAN or WAN. Hence the attackers have an unauthorized access over computers.
The concept of IP spoofing, was initially discussed in academic circles in the 1980's. While known about for sometime, it was primarily theoretical until Robert Morris, whose son wrote the first Internet Worm, discovered a security weakness in the TCP protocol known as sequence prediction. Stephen Bellovin discussed the problem in-depth in Security Problems in the TCP/IP Protocol Suite, a paper that addressed design problems with the TCP/IP protocol suite. Another infamous attack, Kevin Mitnick's Christmas Day crack of Tsutomu Shimomura's machine, employed the IP spoofing and TCP sequence prediction techniques. While the popularity of such cracks has decreased due to the demise of the services they exploited, spoofing can still be used and needs to be addressed by all security administrators.
IP spoofing is most frequently used in denial-of-service attacks. In such attacks, the goal is to flood the victim with overwhelming amounts of traffic, and the attacker does not care about receiving responses to the attack packets. Packets with spoofed addresses are thus suitable for such attacks. They have additional advantages for this purpose—they are more difficult to filter since each spoofed packet appears to come from a different address, and they hide the true source of the attack. Denial of service attacks that use spoofing typically randomly choose addresses from the entire IP address space, though more sophisticated spoofing mechanisms might avoid unroutable addresses or unused portions of the IP address space. The proliferation of large botnets makes spoofing less important in denial of service attacks, but attackers typically have spoofing available as a tool, if they want to use it, so defenses against denial-of-service attacks that rely on the validity of the source IP address in attack packets might have trouble with spoofed packets. Backscatter, a technique used to observe denial-of-service attack activity in the Internet, relies on attackers' use of IP spoofing for its effectiveness.
IP spoofing can also be a method of attack used by network intruders to defeat network security measures, such as authentication based on IP addresses. This method of attack on a remote system can be extremely difficult, as it involves modifying thousands of packets at a time. This type of attack is most effective where trust relationships exist between machines. For example, it is common on some corporate networks to have internal systems trust each other, so that users can log in without a username or password provided they are connecting from another machine on the internal network (and so must already be logged in). By spoofing a connection from a trusted machine, an attacker may be able to access the target machine without an authentication.
Why Spoof the IP Source Address?
What is the advantage of sending a spoofed packet? It is that the sender has some kind of malicious intention and does not want to be identified. You can use the source address in the header of an IP datagram to trace the sender's location. Most systems keep logs of Internet activity, so if attackers want to hide their identity, they need to change the source address. The host receiving the spoofed packet responds to the spoofed address, so the attacker receives no reply back from the victim host. But if the spoofed address belongs to a host on the same subnet as the attacker, then the attacker can "sniff" the reply. You can use IP spoofing for several purposes; for some scenarios an attacker might want to inspect the response from the target victim (called "nonblind spoofing"), whereas in other cases the attacker might not care (blind spoofing). Following is a discussion about reasons to spoof an IP packet.
Internet Protocol – IP
Internet protocol (IP) is a network protocol operating at layer 3 (network) of the OSI model. It is a connectionless model, meaning there is no information regarding transaction state, which is used to route packets on a network. Additionally, there is no method in place to ensure that a packet is properly delivered to the destination.
Examining the IP header, we can see that the first 12 bytes (or the top 3 rows of the header) contain various information about the packet. The next 8 bytes (the next 2 rows), however, contains the source and destination IP addresses. Using one of several tools, an attacker can easily modify these addresses – specifically the “source address” field. It's important to note that each datagram is sent independent of all others due to the stateless nature of IP. Keep this fact in mind as we examine TCP in the next section.
Transmission Control Protocol – TCP
IP can be thought of as a routing wrapper for layer 4 (transport), which contains the Transmission Control Protocol (TCP). Unlike IP, TCP uses a connection-oriented design. This means that the participants in a TCP session must first build a connection - via the 3-way handshake (SYN-SYN/ACK-ACK) - then update one another on progress - via sequences and acknowledgements. This “conversation”, ensures data reliability, since the sender receives an OK from the recipient after each packet exchange.
As you can see above, a TCP header is very different from an IP header. We are concerned with the first 12 bytes of the TCP packet, which contain port and sequencing information. Much like an IP datagram, TCP packets can be manipulated using software. The source and destination ports normally depend on the network application in use (for example, HTTP via port 80). What's important for our understanding of spoofing are the sequence and acknowledgement numbers. The data contained in these fields ensures packet delivery by determining whether or not a packet needs to be resent. The sequence number is the number of the first byte in the current packet, which is relevant to the data stream. The acknowledgement number, in turn, contains the value of the next expected sequence number in the stream. This relationship confirms, on both ends, that the proper packets were received. It’s quite different than IP, since transaction state is closely monitored.
Consequences of the TCP/IP Design
Now that we have an overview of the TCP/IP formats, let's examine the consequences. Obviously, it's very easy to mask a source address by manipulating an IP header. This technique is used for obvious reasons and is employed in several of the attacks discussed below. Another consequence, specific to TCP, is sequence number prediction, which can lead to session hijacking or host impersonating. This method builds on IP spoofing, since a session, albeit a false one, is built. We will examine the ramifications of this in the attacks discussed below.
Spoofing Attacks
There are a few variations on the types of attacks that successfully employ IP spoofing. Although some are relatively dated, others are very pertinent to current security concerns.
Non-Blind Spoofing
This type of attack takes place when the attacker is on the same subnet as the victim. The sequence and acknowledgement numbers can be sniffed, eliminating the potential difficulty of calculating them accurately. The biggest threat of spoofing in this instance would be session hijacking. This is accomplished by corrupting the datastream of an established connection, then re-establishing it based on correct sequence and acknowledgement numbers with the attack machine. Using this technique, an attacker could effectively bypass any authentication measures taken place to build the connection.
Blind Spoofing
This is a more sophisticated attack, because the sequence and acknowledgement numbers are unreachable. In order to circumvent this, several packets are sent to the target machine in order to sample sequence numbers. While not the case today, machines in the past used basic techniques for generating sequence numbers. It was relatively easy to discover the exact formula by studying packets and TCP sessions. Today, most OSs implement random sequence number generation, making it difficult to predict them accurately. If, however, the sequence number was compromised, data could be sent to the target. Several years ago, many machines used host-based authentication services (i.e. Rlogin). A properly crafted attack could add the requisite data to a system (i.e. a new user account), blindly, enabling full access for the attacker who was impersonating a trusted host.
07-04-2011, 03:23 PM
Post: #11
RE: ip spoofing seminar report

.ppt  IP SPOOFING.ppt (Size: 126 KB / Downloads: 153)
• IP spoofing is a technique used to gain unauthorized access to computers.
• It refers to creation of internet protocol (IP) packets with a forged source IP address , with the purpose of concealing the identity of the sender or impersonating another computer system.
• Spoofing is the creation of TCP/IP packets using somebody else's IP address.
Why IP spoofing is easy?

• Problem with the routers.
• Routers looks only at the destination address.
• Authentication based on the source addresses only.
• To change source address field in IP header field is easy.
Spoofing attacks are-

• Non Blind Spoofing
• Blind Spoofing
• Man in the middle (MITM) attack
• Denial of service (DoS) attack
Non Blind Spoofing-
• This type of attack takes place when the attacker is on the same subnet as the victim.
• The biggest threat of spoofing in this instance would be session hijacking.
Blind Spoofing-
• IP spoofing is an integral part of many network attacks that do not need to see responses .
• Blind spoofing predicts responses from a host, allowing commands to be sent, but cannot get immediate feedback.
Man in the middle attack-
• Both types of spoofing are forms of a common security violation known as a man in the middle (MITM) attack.
• In these attacks, a malicious party intercepts a legitimate communication between two friendly parties. The malicious host then controls the flow of communication and can eliminate or alter the information sent by one of the original participants without the knowledge of either the original sender or the recipient.
• In this way, an attacker can fool a victim into disclosing confidential information by “spoofing” the identity of the original sender, who is presumably trusted by the recipient.
• Packet sniffs on link between the two end points and can therefore pretend to be one end of the connection.
Denial of Service Attack-
• IP spoofing is almost always used in what is currently one of the most difficult attacks to defend against – denial of service attacks.
• Crackers wish to flood the victim with as many packets as possible in a short amount of time.
• IP spoofing is used to commit criminal activity online and to breach network security.
• Hackers use IP spoofing so they do not get caught spamming and to perpetrate denial of service attacks.
• These are attacks that involve massive amounts of information being sent to computers over a network in an effort to crash the entire network. The hacker does not get caught because the origin of the messages cannot be determined due to the bogus IP address .
• IP spoofing is also used by hackers to breach network security measures by using a bogus IP address that mirrors one of the addresses on the network. This eliminates the need for the hacker to provide a user name and password to log onto the network.
There are a few precautions that can be taken to limit IP spoofing risks on your network, such as
• Filtering at the Router
• Encryption and Authentication
• A common misconception is that “IP Spoofing” can be used to hide your IP address while surfing the internet , chatting on-line ,sending e-mail and so forth. This is generally not true.
• Forging the source IP address causes the responses to be misdirected ,meaning you cannot create a normal network connection.
• IP Spoofing is a problem without an easy solution, since it’s inherent to the design of the TCP/IP suite.
• Understanding how and why spoofing attacks are used, combined with a few simple prevention methods, can help protect your network from these malicious cloaking and cracking techniques.
07-05-2011, 12:03 PM
Post: #12
RE: ip spoofing seminar report
Presented by:
suvendu kumar sahu

.doc  suvendu.doc (Size: 1,010.5 KB / Downloads: 79)

• The Concept of IP Spoofing was Discussed in 1980’s
• Spoofing problem Arises due to in-depth Security problem in TCP/IP Protocol Suite
• Spoofing can still be used and needs to be addressed by all security administrators.
Definition of ip:
The Internet Protocol is a network-layer protocol that contains addressing information and some control information that enables
packets to be routed .
Spoofing refers to creation of IP packets with a forged IP source address.
• IP Spoof
• Web Spoof
• E-mail Spoof
• Non Technical Spoof
Some background on AES
In 1997 the US National Institute of Standards and Technology put out a call for candidates for a replacement for the ageing Data Encryption Standard, DES. 15 candidates were accepted for further consideration, and after a fully public
process and three open international conferences, the number of candidates was reduced to five. In February 2001, the final candidate was announced and comments were solicited. 21 organizations and individuals submitted comments..
AES is founded on solid and well-published mathematical ground, and appears to resist all known attacks well. There’s a strong indication that in fact no
back-door or known weakness exists since it has been published for a long time, has been the subject of intense scrutiny by researchers all over the world, and
such enormous amounts of economic value and information is already
successfully protected by AES. There are no unknown factors in its design,
and it was developed by Belgian researchers in Belgium therefore voiding the conspiracy theories sometimes voiced concerning an encryption standard
developed by a United States government agency. A strong encryption algorithm need only meet only single main criteria:
• There must be no way to find the unencrypted clear text if the key is unknown, except brute force, i.e. to try all possible keys until the right one is found.
• The number of possible keys must be so large that it is computationally infeasible to actually stage a successful brute force attack in short enough a time.
The older standard, DES or Data Encryption Standard, meets the first criterion, but no longer the secondary one – computer speeds have caught up with it,
or soon will. AES meets both criteria in all of its variants: AES-128, AES-192
and AES-256.
Encryption must be done properly
AES may, as all algorithms, be used in different ways to perform encryption. Different methods are suitable for different situations. It is vital that the correct method is applied in the correct manner for each and every situation, or the
result may well be insecure even if AES as such is secure. It is very easy to implement a system using AES as its encryption algorithm, but much more skill and experience is required to do it in the right way for a given situation. No more than a hammer and a saw will make anyone a good carpenter, will AES make a system secure by itself. To describe exactly how to apply AES for varying
purposes is very much out of scope for this short introduction.
Strong keys
Encryption with AES is based on a secret key with 128, 192 or 256 bits. But if the key is easy to guess it doesn’t matter if AES is secure, so it is as critically vital to use good and strong keys as it is to apply AES properly. Creating good and strong keys is a surprisingly difficult problem and requires careful design when done
with a computer. The challenge is that computers are notoriously deterministic, but what is required of a good and strong key is the opposite – unpredictability
and randomness. Keys derived into a fixed length suitable for the encryption algorithm from passwords or pass phrases typed by a human will seldom correspond to 128 bits much less 256. To even approach 128--bit equivalence in a pass phrase, at least 10 typical passwords of the kind frequently used in day-to-day work are needed. Weak keys can be somewhat strengthened by special techniques by adding computationally intensive steps which increase the amount of computation necessary to break it. The risks of incorrect usage,
implementation and weak keys are in no way unique for AES; these are shared
by all encryption algorithms. Provided that the implementation is correct, the security provided reduces to a relatively simple question about how many bits the chosen key, password or pass phrase really corresponds to.
20-06-2011, 12:57 PM
Post: #13
RE: ip spoofing seminar report

.doc  seminar report.doc (Size: 699.5 KB / Downloads: 97)
In computer networking, the term IP address spoofing or IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address, called spoofing, with the purpose of concealing the identity of the sender or impersonating another computing system
Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.
A common misconception is that "IP spoofing" can be used to hide your IP address while surfing the Internet, chatting on-line, sending e-mail, and so forth. This is generally not true. Forging the source IP address causes the responses to be misdirected, meaning you cannot create a normal network connection.
However, IP spoofing is an integral part of many network attacks that do not need to see responses (blind spoofing).
Examples of spoofing:
Packet sniffs on link between the two end points, and can therefore pretend to be one end of the connection
Routing redirect
Redirects routing information from the original host to the hacker's host (this is another form of man-in-the-middle attack).
Source routing
Redirects individual packets by hackers host
Blind spoofing
Predicts responses from a host, allowing commands to be sent, but can't get immediate feedback.
SYN flood fills up receive queue from random source addresses; smurf/fraggle spoofs victims address, causing everyone respond to the victim.
The standard model for networking protocols and distributed applications is the International Standard Organization's Open System Interconnect (ISO/OSI) model. It defines seven network layers.
Short for Open System Interconnection, an ISO standard for worldwide communications that defines a networking framework for implementing protocols in seven layers. Control is passed from one layer to the next, starting at the application layer in one station, and proceeding to the bottom layer, over the channel to the next station and back up the hierarchy.
At one time, most vendors agreed to support OSI in one form or another, but OSI was too loosely defined and proprietary standards were too entrenched. Except for the OSI-compliant X.400 and X.500 e-mail and directory standards, which are widely used, what was once thought to become the universal communications standard now serves as the teaching model for all other protocols.
Control is passed from one layer to the next, starting at the application layer in one station, and proceeding to the bottom layer, over the channel to the next station and back up the hierarchy.
08-07-2011, 01:54 PM
Post: #14
RE: ip spoofing seminar report
08-07-2011, 01:59 PM
Post: #15
RE: ip spoofing seminar report
09-07-2011, 11:27 AM
Post: #16
RE: ip spoofing seminar report
already added these topics " ip spoofing seminar report" please see bellow post

Rating ip spoofing seminar report Options
Share ip spoofing seminar report To Your Friends :- Seminar Topics Bookmark
Post Reply 

Marked Categories : ppt on internet protocol ip spoofing, ip spoofing presentation download, ip spoffing report, ip spoofing doc, ip spoofing detail seminar report and pdf, technical seminar 0n ipspoofing, ip spoofing abstract, argue that any network using proxy arp is vulnerable to spoofing i e an arbitrary machine can impersonate any other machine, ip spoofing project code, ip spoofing paper presentation, ip spoofing report, seminar topic for ip address in ppt, web and ip spoofing advantages, download ip spoofing, seminar report of ip spoofing, seminar report on ip spoofing, ip spoofing seminar documentation, abstract for ip spoofing, abstract and introduction toip spoofing,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Seminar report on Android mkaasees 0 0 09-11-2016 04:31 PM
Last Post: mkaasees
  A Seminar On Cloud Computing mkaasees 0 0 07-11-2016 04:16 PM
Last Post: mkaasees
  SEMINAR ON OSI MODEL mkaasees 0 0 03-11-2016 10:34 AM
Last Post: mkaasees
  Seminar Report On QR Code mkaasees 0 0 27-10-2016 09:54 AM
Last Post: mkaasees
  A SEMINAR ON ATM SECURITY mkaasees 0 0 26-10-2016 11:49 AM
Last Post: mkaasees
  Cellonics Seminar Report mkaasees 0 0 25-10-2016 11:15 AM
Last Post: mkaasees
  Seminar On Steganography mkaasees 0 0 14-10-2016 03:56 PM
Last Post: mkaasees
  mobile computing full report seminar topics 28 35,597 14-10-2016 02:33 PM
Last Post: jaseela123
  Seminar On DNS mkaasees 0 0 07-10-2016 03:13 PM
Last Post: mkaasees
  A SEMINAR ON 4G mkaasees 0 0 27-09-2016 03:02 PM
Last Post: mkaasees
This Page May Contain What is ip spoofing seminar report And Latest Information/News About ip spoofing seminar report,If Not ...Use Search to get more info about ip spoofing seminar report Or Ask Here