!~ IP Spoofing ~!
The term IP (Internet Protocol) address spoofing refers to the creation of IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system.
For Check Your IP Address..
for see another IP address
Why it works ?
IP-Spoofing works because trusted services only rely on network address based authentication. Since IP is easily duped, address forgery is not difficult.
The main reason is security weakness in the TCP protocol known as sequence number prediction.
How it works ?
To completely understand how ip spoofing can take place, one must examine the structure of the TCP/IP protocol suite. A basic understanding of these headers and network exchanges is crucial to the process.
IP-Spoofing works because trusted services only rely on network address based authentication. Since IP is easily duped, address forgery is not difficult.
The main reason is security weakness in the TCP protocol known as sequence number prediction.
How it works ?
To completely understand how ip spoofing can take place, one must examine the structure of the TCP/IP protocol suite. A basic understanding of these headers and network exchanges is crucial to the process.
Internet Protocol (IP) :
It is a network protocol operating at layer 3 (network) of the OSI model. It is a connectionless model, meaning there is no information regarding transaction state, which is used to route packets on a network. Additionally, there is no method in place to ensure that a packet is properly delivered to the destination.
Your Browser and Server use TCP/IP
Browsers and servers use TCP/IP to connect to the Internet.
A browser uses TCP/IP to access a server. A server uses TCP/IP to send HTML back to a browser.
Your E-Mail uses TCP/IP
Your e-mail program uses TCP/IP to connect to the Internet for sending and receiving e-mails.
Your Internet Address is TCP/IP
Your Internet address "192.168.10.84" is a part of the standard TCP/IP protocol (and so is your domain name).
What is TCP/IP ?
TCP/IP is the communication protocol for communication between computers on the Internet.
TCP/IP stands for Transmission Control Protocol / Internet Protocol.
TCP/IP defines how electronic devices (like computers) should be connected to the Internet, and how data should be transmitted between them.
Inside TCP/IP
Inside the TCP/IP standard there are several protocols for handling data communication:
- TCP (Transmission Control Protocol) communication between applications
- UDP (User Datagram Protocol) simple communication between applications
- IP (Internet Protocol) communication between computers
- ICMP (Internet Control Message Protocol) for errors and statistics
- DHCP (Dynamic Host Configuration Protocol) for dynamic addressing
TCP Uses a Fixed Connection
TCP is for communication between applications.
If one application wants to communicate with another via TCP, it sends a communication request. This request must be sent to an exact address. After a "handshake" between the two applications, TCP will set up a "full-duplex" communication between the two applications.
The "full-duplex" communication will occupy the communication line between the two computers until it is closed by one of the two applications.
UDP is very similar to TCP, but simpler and less reliable.
IP is Connection-Less
IP is for communication between computers.
IP is a "connection-less" communication protocol.
IP does not occupy the communication line between two computers. IP reduces the need for network lines. Each line can be used for communication between many different computers at the same time.
With IP, messages (or other data) are broken up into small independent "packets" and sent between computers via the Internet.
IP is responsible for "routing" each packet to the correct destination.
IP Routers
When an IP packet is sent from a computer, it arrives at an IP router.
The IP router is responsible for "routing" the packet to the correct destination, directly or via another router.
The path the packet will follow might be different from other packets of the same communication. The router is responsible for the right addressing, depending on traffic volume, errors in the network, or other parameters.
Connection-Less Analogy
Communicating via IP is like sending a long letter as a large number of small postcards, each finding its own (often different) way to the receiver.
TCP/IP
TCP/IP is TCP and IP working together.
TCP takes care of the communication between your application software (i.e. your browser) and your network software.
IP takes care of the communication with other computers.
TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets when they arrive.
IP is responsible for sending the packets to the correct destination.
IP Addresses
Each computer must have an IP address before it can connect to the Internet.
Each IP packet must have an address before it can be sent to another computer.
IP addess is the identity of computer or website.
Domain Names
A name is much easier to remember than a 12 digit number.
Names used for TCP/IP addresses are called domain names.
google.com is a domain name.
When you address a web site, like http://www.google.com, the name is translated to a number by a Domain Name Server (DNS).
All over the world, DNS servers are connected to the Internet. DNS servers are responsible for translating domain names into TCP/IP addresses.
When a new domain name is registered together with a TCP/IP address, DNS servers all over the world are updated with this information.
TCP - Transmission Control Protocol
TCP is used for transmission of data from an application to the network.
TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets when they arrive.
IP - Internet Protocol
IP takes care of the communication with other computers.
IP is responsible for the sending and receiving data packets over the Internet.
HTTP - Hyper Text Transfer Protocol
HTTP takes care of the communication between a web server and a web browser.
HTTP is used for sending requests from a web client (a browser) to a web server, returning web content (web pages) from the server back to the client.
HTTPS - Secure HTTP
HTTPS takes care of secure communication between a web server and a web browser.
HTTPS typically handles credit card transactions and other sensitive data.
SSL - Secure Sockets Layer
The SSL protocol is used for encryption of data for secure data transmission.
SMTP - Simple Mail Transfer Protocol
SMTP is used for transmission of e-mails.
MIME - Multi-purpose Internet Mail Extensions
The MIME protocol lets SMTP transmit multimedia files including voice, audio, and binary data across TCP/IP networks.
IMAP - Internet Message Access Protocol
IMAP is used for storing and retrieving e-mails.
POP - Post Office Protocol
POP is used for downloading e-mails from an e-mail server to a personal computer.
FTP - File Transfer Protocol
FTP takes care of transmission of files between computers.
NTP - Network Time Protocol
NTP is used to synchronize the time (the clock) between computers.
DHCP - Dynamic Host Configuration Protocol
DHCP is used for allocation of dynamic IP addresses to computers in a network.
SNMP - Simple Network Management Protocol
SNMP is used for administration of computer networks.
LDAP - Lightweight Directory Access Protocol
LDAP is used for collecting information about users and e-mail addresses from the internet.
ICMP - Internet Control Message Protocol
ICMP takes care of error-handling in the network.
ARP - Address Resolution Protocol
ARP is used by IP to find the hardware address of a computer network card based on the IP address.
RARP - Reverse Address Resolution Protocol
RARP is used by IP to find the IP address based on the hardware address of a computer network card.
BOOTP - Boot Protocol
BOOTP is used for booting (starting) computers from the network.
PPTP - Point to Point Tunneling Protocol
PPTP is used for setting up a connection (tunnel) between private networks.
When you write an email, you don't use TCP/IP.
When you write an email, you use an email program like Lotus Notes, Microsoft Outlook or Netscape Communicator.
Your Email Program Does
Your email program uses different TCP/IP protocols:
- It sends your emails using SMTP
- It can download your emails from an email server using POP
- It can connect to an email server using IMAP
SMTP - Simple Mail Transfer Protocol
The SMTP protocol is used for the transmission of e-mails. SMTP takes care of sending your email to another computer.
Normally your email is sent to an email server (SMTP server), and then to another server or servers, and finally to its destination.
SMTP can only transmit pure text. It cannot transmit binary data like pictures, sounds or movies.
SMTP uses the MIME protocol to send binary data across TCP/IP networks. The MIME protocol converts binary data to pure text.
POP - Post Office Protocol
The POP protocol is used by email programs (like Microsoft Outlook) to retrieve emails from an email server.
If your email program uses POP, all your emails are downloaded to your email program (also called email client), each time it connects to your email server.
IMAP - Internet Message Access Protocol
The IMAP protocol is used by email programs (like Microsoft Outlook) just like the POP protocol.
The main difference between the IMAP protocol and the POP protocol is that the IMAP protocol will not automatically download all your emails each time your email program connects to your email server.
The IMAP protocol allows you to look through your email messages at the email server before you download them. With IMAP you can choose to download your messages or just delete them. This way IMAP is perfect if you need to connect to your email server from different locations, but only want to download your messages when you are back in your office.
No comments:
Post a Comment