|
|
|
       Notes:Cryptographic authentication is not a part of the IP layer, instead many systems rely on the validity of the source Internet address. Many socket implementations allow programmers to use the TCP/IP stack in raw mode. Packet headers are crafted by the programmer rather than generated by the network stack. This may be done to change the TTL value or to implement alternative transport layers. However it is often possible to change all of the header including the IP addresses and TCP ports. IP-spoofing attacks exploit trust-relationships between systems. For example the popular Berkeley r commands permit operations between hosts based entirely on the validity of the client’s IP address and the information returned by the name resolver. IP spoofing attacks work by discovering these trust relationships and then faking packets to appear as if they arrived from the trusted host. Port numbers can also be fabricated. Filtering rules should not assume that certain ports can be trusted. There is no guarantee that incoming data with a source port of 25 is generated by an SMTP client. However it is simpler for a hacker to start a client using a certain port than to spoof this data. |
|
©1994-2006 All text and images copyright: www.abcseo.com; last updated: |