It should be no surprise to your that in the world of computer networking savvy computer technicians have the ability to mask their identity on the Internet with advanced techniques.  IP Spoofing, similar to caller ID blocking in telecommunications, refers to hackers disguising their IP address and network identification information to gain unauthorized access to other computers or networks.  When the targeted system is "spoofed" the system will display a message that a trusted source is trying to access their network.  Once the IP address is "spoofed" hackers can conduct criminal acts on your computer or network remotely. 

Internet Protocol spoofing initially became a problem in the 1980's.  While it was considered an accomplishment to crack an IP address and to conquer the protocol's weakness, it quickly became a problem and was a primary focus for security administrators thereafter.  In terms of spoofing, there are three different types of attacks:

Non-Blind Spoofing Attacks
When the attacker is actually on the same subnet as the system they are attacking this is considered a non-blind spoof.  This form of spoofing can cause session hijacking and can effectively allow the hijacker to bypass security to establish a connection using proxies and sequences. 

Blind Spoofing
Blind spoofing is a bit more advanced than non-blind methods.  Packets are sent to the machine the hijacker is targeting to get an idea of the sequence numbers in the network.  While sequencing is random, some hijackers can accurately predict sequences for access.  While some hijackers may not be able to gain a full connection, they can send data packets and viruses to the targeted machine.

Attackers are not concerned with completing full transactions on your network.  The primary focus of an IP spoofer is to consume bandwidth and resources.  By flooding the victim with packets of communication, traffic has effectively controlled your computer and a connection can be made. 

If you want to protect your computer or your network against IP spoofing it is important to take the proper precautions.  Proactive steps and security precautions are the only way to keep your IP address protected.  Ingress and egress filtering on your router is very important.  This will block private IPs and will not accept IP addresses with your sequence as the source.  Encryptions and authentication measures within your subnet are also important and can reduce attacks and vulnerability.  The truth of the matter is unless you are a spoofer yourself you are perhaps never fully protected.  Be aware of the security risks that exist and take proactive steps to protect your computer.

One comment

  1. I never thought of filtering the router.  But I must agree, you never really are completely safe.   This makes me want to review my own safety!

Leave a Reply

Your email address will not be published. Required fields are marked *