Prevent Internet Protocol Spoofing

Internet protocol spoofing which is commonly known as ip spoofing is a ploy used

by an attacker to make clients think that the packets they are using come from a trusted source. The attacker creates ip packets with a counterfeit ip address that a client later uses without knowing that they are not from a trusted machine. Spoofing comes in many types such as blind spoofing, denial-of-service attack and non-blind spoofing. Attackers usually use this trick to hide where a computer is connecting from or which computer is accessing the network. Different people have different reasons as to why they would want to spoof the network. Some of the reasons could be for criminal activities or to visit websites that have morally unacceptable content. Ip spoofing exposes one to loss of sensitive information or even damage to the overall network.

There are several ways to prevent ip spoofing. The first method that you can use is to do away with host based network authentications. Host based authentication uses a public host key for authentication which is highly susceptible to hacking. So instead you should use network encryption for authentication. In encrypted networks, it is hard for an attacker to hack into your network since it only sends encrypted packets over the network.

You could also use ingress filtering technique to rid your network from ip spoofing attacks. In this technique, all packets originating from a source outside the network are filtered at the gateway of the network with a source address within the network to confirm that they come from a legitimate source. If the packets are illegitimate they are blocked from your network.

You could also use engress filtering method to safeguard your network from theses attacks. In engress filtering, all packets originating from within the network are blocked from inside the network using a source address that is outside the network. They are scanned via a router or firewall and the packets that seem suspicious are with held. The method is effective in preventing an attacker within your network who could be filtering from launching his or her ip spoofing attack against an external machine. Usually ingress filtering is used together with engress filtering.

The other way to prevent ip spoofing is configuration of your routers and switches. This is done to make them support a certain configuration such that they will not accept packets that come from outside your local network and claim to have originated from within. You could also allow encryption sessions on the router that you are using so that trusted hosts outside your network can securely communicate with your local hosts. Use of authentication key exchange between machines on your network can substantially reduce spoofing attacks.

Using the reverse path forwarding ip verify technique you can prevent ip spoofing. In this method the reverse path forwarding takes the source of an IP address of a packet that is received from outside the network and looks up to confirm if the router has a route in its table that can be used to reply to that packet. If none is found on the routing table, it is assumed that the packet has been spoofed and the router drops the packet immediately.

by: Patricia Richards

POST COMMENT

Staying Safe On The Internet "seek First To Understand, Then To Be Understood" Always Works In Internet Marketing Low-cost Dial-up Internet Connection Providers That Provide Pay As You Go Web More Families Agree That Wireless Internet Plays A Role Powerful Tips To Effectively Earn Money On The Internet Right Away Encontre Camisetas Engraadas Na Internet Wireless Internet Access Makes Group Planning A Breeze Improving A Lifestyle With Wireless Internet Taking Advantage Of Wireless Internet To Achieve Your Fitness And Health Goals Good Ways To Lower Your Electric Bill With Wireless Internet Wireless Internet Creates A Cushion In Hard Times Learn Online About Buying Your First Home With Wireless Internet Stay On Top Of Sports Statistics With Help From Wireless Internet