...IP Spoofing by Farha Ali, Lander University The Internet Protocol, or IP, is the main protocol used to route information across the Internet. The role of IP is to provide best-effort services for the delivery of information to its destination. IP depends on upper-level TCP/IP suite layers to provide accountability and reliability. The heart of IP is the IP datagram, a packet sent over the Internet in a connectionless manner. An IP datagram carries enough information about the network to get forwarded to its destination; it consists of a header followed by bytes of data . The header contains information about the type of IP datagram, how long the datagram should stay on the network (or how many hops it should be forwarded to), special flags indicating any special purpose the datagram is supposed to serve, the destination and source addresses, and several other fields, as shown in Figure 1. Figure 1: The IP Header Layers above IP use the source address in an incoming packet to identify the sender. To communicate with the sender, the receiving station sends a reply by using the source address in the datagram. Because IP makes no effort to validate whether the source address in the packet generated by a node is actually the source address of the node, you can spoof the source address and the receiver will think the packet is coming from that spoofed address. Many programs for preparing spoofed IP datagrams are available for free on the Internet; for example, hping lets...
Words: 3368 - Pages: 14
...Department of Integrated Communications Systems Student research project (Mobile IP in Source Routing Systems) Supervisor: Dipl.-Inf. Florian Liers Editor: Imad kailouh Ilmenau, July 2010 1. Introduction ............................................................................................................. 4 1.1 Motivation .......................................................................................................... 4 1.2 Purpose of the work .......................................................................................... 4 2. Basics ..................................................................................................................... 5 2.1 Internet Protocol (IP) ......................................................................................... 5 2.1.1 IP Routing....................................................................................................... 5 2.1.1.1 What is routing ...................................................................................... 5 2.1.1.2 Source vs. Hop by Hop Routing ............................................................ 5 2.2 Mobile IP ........................................................................................................... 7 2.2.1 Terminology in Mobile IP ............................................................................. 7 2.2.2 How Mobile IP Works ..............................................................................
Words: 7747 - Pages: 31
...12/7/2014 IP Spoofing Cisco Systems The Internet Protocol Journal, Volume 10, No. 4 IP Spoofing HOME ABOUT CISCO PUBLICATIONS AND MERCHANDISE THE INTERNET PROTOCOL JOURNAL ISSUES VOLUME 10, NUMBER 4, DECEMBER 2007 Book Review Call for Papers Download PDF Fragments From the Editor IP Spoofing Looking Toward the Future Remembering Itojun Security Standards Layers above IP use the source address in an incoming packet to identify the sender. To communicate with the sender, the receiving station sends a reply by using the source address in the datagram. Because IP makes no effort to validate whether the source address in the packet generated by a node is actually the source address of the node, you can spoof the source address and the receiver will think the packet is coming from that spoofed address. Many programs for preparing spoofed IP datagrams are available for free on the Internet; for example, hping lets you prepare spoofed IP datagrams with just a oneline command, and you can send them to almost anybody in the world. You can spoof at various network layers; for example, you can use Address Resolution Protocol (ARP) spoofing to divert the traffic intended for one station to someone else. The Simple Mail Transfer Protocol (SMTP) is also a target for spoofing; because SMTP does not verify the sender's address, you can send any email to anybody pretending to be someone else. This article focuses on the various types of attacks that involve IP spoofing on networks...
Words: 3181 - Pages: 13
...addresses to be able to filter instead of flooding b) The separation of two IP subnets by a router c) Devices connected to an Ethernet hub d) Devices connected to an Ethernet switch operating in full duplex mode 3. Given the following routing table on a router, which next hop will the router select given the IP packet with the destination address of 202.8.40.254? Address/Mask Next hop 202.8.0.0/16 Interface 0 202.8.40.0/24 Interface 1 202.8.40.128/25 Router 1 default Router 2 a) Router 1 b) Router 2 c) Interface 0 d) Interface 1 4. Which of the following two protocols operate at the OSI Transport layer? a) IP and ARP b) TCP and UDP c) UDP and IP d) ARP and ICMP 5. The process of a DNS server adding a UDP header to the contents of a DNS query response, followed by adding an IP header, and then adding a data link header and trailer is an example of what? a) Adjacent layer interface b) Data encapsulation c) Same layer interaction d) Packet reordering 6. The term autonomous system (AS) defines the collection of metrics for routes to a particular network. a) True b) False 7. Given 5 bits of mask for the host portion of an IP address, how may usable host addresses are available? a) 62 b) 22 c) 14 d) 30 8. When a Telco provides a circuit handoff for a TDM circuit such as a DS1/T1 at the demark, the interface type is _________. a) RJ-11 b) RJ-45 c) V.35 d) RJ-48 9. What address below belongs to the Class A network range? a) 126.254.1.45 b) 224.42...
Words: 1737 - Pages: 7
...makeup IP routing, Static and connected routes IP routing defines how an IP packet can be delivered from the host at which the packet is created to the destination host. Hosts and routers participate in the IP routing process. The list summarizes a host’s logic when forwarding a packet, assuming that the host is on an Ethernet / wireless LAN. When sending a packet, compare the destination IP address of the packet to the sending host’s perception of the range of addresses in the connected subnet, based on the host’s IP address and subnet mask. If the destination is in the same subnet as the host, send the packet directly to the destination host. ARP is needed to find the destination host’s MAC address. If the destination host is not in the same subnet as the host, send the packet directly to the host’s default gateway. ARP is needed to find the default gateway’s MAC address. Routers use the following steps: the packet must first be received, whereas the sending host begins with the IP packet in memory. For each received frame, use the data-link trailer frame check sequence (FCS) field to ensure that the frame had no errors; if errors occurred, discard the frame and don’t continue to the next step. Check the frame’s destination data link layer address, and process only if addressed to this router or to a broadcast/multicast address. Discard the incoming frame’s old data-link header and trailer, leaving the IP packet. Compare the packet’s destination IP address to the routing...
Words: 756 - Pages: 4
...Difference between static and dynamic IPs. When a device is assigned a static IP address, it does not change. The device always has the same IP address. Most devices use dynamic IP addresses, which are assigned by the network when they connect. About static IPs for small business Static IP addresses An Internet Protocol (IP) address is a unique number assigned to each computer on a network. An IP address identifies computers on the Internet. A computer on the Internet can have a static IP address, which means it stays the same over time, or a dynamic IP address, which means the address can change over time. When you might need static IPs You might need static IPs if one or more of these scenarios applies to you: • Maintain your own web server or other Internet server, such as an email server, that requires users to connect from the Internet. • Have external devices or services that must connect to your network via IP address (for example, 74.125.224.72) rather than by name (for example, google.com). • Use a VPN or other service to remotely connect to computers in your business. Well, the first thing I would ask you is what Class of address does 172 fall under? This is vital. (This would be a Class B address because their range is 128-191) Therefore, be definition, the network mask is 255.255.0.0, or /16... Now, with a given IP and mask of 172.25.102.41 /22 you can see that they are using 6 bits for subnetting. (/16 default, and now using /22). This is a mask of...
Words: 464 - Pages: 2
...1) Host A opens a command prompt and enters >Ping 200.200.200.5. 2) IP works with the Address Resolution Protocol (ARP) to determine which network this packet is destined for by looking at the IP address and the subnet mask of Host A. Since this is a request for a remote host, which means it is not destined to be sent to a host on the local network, the packet must be sent to the router (the gateway for Network A) so that it can be routed to the correct remote network (which is Network B). 3) Now, for Host A to send the packet to the router, it needs to know the hardware address of the router's interface which is connected to its network (Network A), in case you didn't realise, we are talking about the MAC (Media Access Control) address of...
Words: 1022 - Pages: 5
...IP ADDRESSING: An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there." The designers of the Internet Protocol defined an IP address as a 32-bit number[ and this system, known as Internet Protocol Version 4 (IPv4), is still in use today. However, due to the enormous growth of the Internet and the predicted depletion of available addresses, a new addressing system (IPv6), using 128 bits for the address, was developed in 1995, standardized as RFC 2460 in 1998, and its deployment has been ongoing since the mid-2000s. In the most widely installed level of the Internet Protocol (IP) today, an IP address is a 32-bit number that identifies each sender or receiver of information that is sent in packets across the Internet. When you request an HTML page or send e-mail, the Internet Protocol part of TCP/IP includes your IP address in the message (actually, in each of the packets if more than one is required) and sends it to the IP address that is obtained by looking up the domain name in the Uniform Resource Locator you requested or in the e-mail address you're sending a note to. At the other...
Words: 1361 - Pages: 6
...WT-Engg.-CPE-IX380 Contents Contents 2 1.0 Document Control Information 4 2.0 Purpose & Scope 5 3.0 General Information 7 Safety Precautions 7 Cleaning and Maintaining 7 4.0 Device Physical Appearance 8 Appearance 8 Parts Supplied 8 LED Indicator 8 Working Condition 9 Technical Parameters 9 Ports 10 5.0 Physical Connectivity of IX380 11 Application Structure 11 Hardware Installation 11 Connect to LAN 11 Connect to Phone 12 Connect Power Adapter 12 Power on MODEM 12 6.0 Configuration of IX380 13 TCP IP Installation 13 TCP IP Configuration 13 Checking 14 Check LAN Connection 14 Cancel Proxy Server in Browser 15 Others 15 7.0 Preliminary Actions 16 Login 16 Status 18 Connection Status 18 WiMAX Information 20 About My Modem 22 Setup 23 IP Configuration 23 DHCP Clients 23 DHCP Binding 24 WLAN 24 Basic Settings 24 Security 25 MAC Filter 27 Advanced Settings 28 Advanced 28 Routing Setup 28 SNTP Client Configuration 29 DDNS Setup 29 DNS Configuration 30 IGMP Configuration 31 Security 32 Port Forwarding 32 Port Trigger 33 DMZ 35 ACL 36 VPN Client 38 Tools 39 System Commands 39 Ping 40 User Management 40 System Log 41 VAS Code 42 Troubleshooting Steps 44 In case of VPN? 46 LAYER 2 VPN: 46 LAYER 3 VPN: 46 Appendix...
Words: 5052 - Pages: 21
...Network Documentation LAB 2 Introduction In this lab, you will learn how to use several different applications and interfaces to identify and document an IP network design and schema. Chief among these is PuTTY, which you used in Lab #1. The primary use of PuTTY is to establish Telnet and SSH sessions to remote servers. You will use PuTTY to collect information about those resources. You will also use Wireshark to capture packet data from the sessions you establish with PuTTY. Learning Objectives Upon completing this lab, you will be able to: • Develop a plan for identifying and documenting the logical IP network design and IP addressing schema based on data collected from Lab #1 • Use PuTTY to establish Telnet and SSH to the IP addresses of the identified interfaces on Cisco routers, switches, and firewalls • Use Cisco show commands to display the MAC-layer addresses of Ethernet ports, IP addressing schema, and subnet mask addressing used throughout the IP networking infrastructure • Document the MAC addresses and IP addresses of the IP networking infrastructure • Document the IP host addresses of the VM server farm hosts TOOLS AND SOFTWARE USED NAME Wireshark PuTTY Cisco IOS MORE INFORMATION http://www.wireshark.org/ http://www.chiark.greenend.org.uk/~sgtatham/putty/ http://www.cisco.com/warp/cpropub/45/tutorial.htm 17 38504_LMxx_Lab02.indd 17 8/30/12 7:51 PM 18 LAB #2 | Network Documentation Deliverables Upon completion of this lab, you...
Words: 1982 - Pages: 8
...NTNT2640 IP Networking Midterm Люда Григорашенко Fri Apr 25 17:29:25 CDT 2014 Which two of the following are Layer 2 protocols commonly used in WANs? PPP and HDLC Which of the following describes a collision domain? Devices connected to an Ethernet hub Which of the following protocol operates at the OSI model Transport Layer? UDP What process is used by a DNS server to add a UDP header to the contents of a DNS query response, followed by adding an IP header, and then adding a data link header and trailer is an example of what? Data Encapsulation The term autonomous system (AS) refers to the collection of metrics for routes to a particular network. False Given the 5 bits of a subnet mask for the host portion of an IP addresses are available? 30 The interface type at the demark for a DS1/T1 circuit at is ____. RJ-48 Given the following routing table on a router, which next hop will the router select given the IP packet with the destination address of: 19.48.254.3 Router 2 Which address below belongs to the Class A network range? 126.254.1.45 Which of the following dynamic routing protocols is an exterior gateway protocol? BGP Out of the following which does a router normally use when making a decision about routing an IP packet? Destination IP Adress How many bits comprise the network portion of a Class C address? 24 A broadcast address is an address that only a single host listens to on the network. False How many usable host addresses are available...
Words: 791 - Pages: 4
...converts the host name into an Internet Protocol (IP) addresses. Domain names are in alphabetic form easy for human to remember. Nonetheless, the World Wide Web (WWW) is run based on IP addresses. Therefore, without the DNS the internet would be very difficult to access. Today, there are two versions of IP 4 and 6 that use DNS. With the growing number of devices with internet IP address, IPv4 is running out of addresses and will eventually be replaced by IPv6. But until then, it is important to understand the many similarities and contrast between both versions. Domain Name Servers and Internet Protocol The core of how the internet works is the DNS, which was created to simplify the unmanageable computer naming. Thus, allowing us to use a more human friendly host name while exchanging email or accessing web pages. An IP address is a numerical label assigned by the Internet Assigned Numbers Authority (IANA) to every host in order to communicate. (Gralla, 2006). The DNS will translate host name like www.google.com into a raw IP address number 173.194.40.197. DNS structure is a hierarchical distributed database. At the top level there is a root server. Many categories were created under the root called the top level domains: .Com, .Net, .Org, .Mil, .Edu, .Gov, and .Int. When a client device requests a communication with a host like www.google.com, the DNS client uses a resolver to convert the host name into an IP address. First, the DNS will send a request to the root servers...
Words: 1390 - Pages: 6
...LAN address format, the SNAP protocol, the Playpen Ethertypes, and the OID registration arcs. The higher Layer Interface working group in 802. Defines the bridging and security glue that interconnects the LANs define by the 802 MAC groups. Exercise 5.1.2 What 802.3 standard originally define PoE functionality? When was the standard enhanced, and what was the new standard name given for the enhancement? The standard that originally defines PoE functionality was the IEEE 802.3af. The new standard is known as IEEE 802.3at it, and it was enhanced in 2012. Exercise 5.1.3 Complete Table Standard | Cabling | Maximum Length | 10BASE5 | Coaxial(Thicknet) | 500m | 10BASE2 | Coaxial (Thinnet) | 185m | 10BASE-T | UTP (Cat3, 5, 5e, 6) | 100m | 100BASE-FX | Multi-mode fiber optic cable (SC or ST) | 400m | 100BASE-T | UTP (Cat3, 5, 5e, 6) | 100m | 100BASE-T4 | STP Twisted Cable | 100m | 100BASE-TX | Single-mode fiber optic cable | 20km | 1000BASE-LX | SMF and MMF | 550m | 1000BASE-SX | MM fiber-optic | 220m or 550m (dependent upon fiber thickness | 1000BASE-ZX | MM fiber-optic | 550m | 1000BASE-T | UTP (Cat3, 5, 5e, 6) | 100m | Exercise 5.1.4 What does the numeric prefix before BASE in the Ethernet standards define? What does the inclusion of a postfix of – T imply? The numeric prefix means the number of Mbps transmission speeds the Ethernet standard supports. T implies twisted pair. LAB 5.2: MAC and IP Addresses Exercise 5.2.1 Why must a MAC address have...
Words: 1936 - Pages: 8
...Routing Table Format- A routing table is used by TCP/IP network routers to calculate the destinations of messages it is responsible for forwarding. The table is a small in-memory database managed by the router's built-in hardware and software. Each IP address identifies a remote router (or other network gateway) that the local router is configured to recognize. For each IP address, the routing table additionally stores a network mask and other data that specifies the destination IP address ranges that remote device will accept. Home network routers utilize a very small routing table because they simply forward all outbound traffic to the Internet Service Provider (ISP) gateway which takes care of all other routing steps. Home router tables typically contain ten or fewer entries. By comparison, the largest routers at the core of the Internet backbone must maintain the full Internet routing table that exceeds 100,000 entries and growing as the Internet expands. b. Routing Lookup Mechanism- c. Classful vs. Classless Routing- Classful Routing, which is sometimes called a classful network. If you are using a classful routing protocol then all of your networks are in different classes and are separated by a router. Remember that the useable IPv4 address ranges are divided into classes. Class A 1-126, Class B 128-191, and Class C 192-223. So when we talk about a classful routing protocol, it will only look at the IP address class and not the subnet mask. This is the problem; if...
Words: 3788 - Pages: 16
...Unit One Project Heidar Alshabany IT 535 Kaplan University May 13, 2014 Unit One Project Network address Translation (NAT) is a technology that can be used by network administrators to configure IP addresses of network communication. NAT permits a network device like a router to act as an agent between public and private networks. NAT provides the capability for enterprises and home users to use a single IP address to represent a group of computers on a public domain. The translation part of NAT between private and public addresses, allows a node or a group of nodes already setup with internal addresses to be stamped with an outside address, therefore permitting them to communicate over the Internet. Moreover, NAT helps in managing the private and public portion of the network because it can isolate the internal and exterior address spaces. This address isolation makes devices in a private network independent of the IP address hosts in the public network. There should be a distinction between NAT solution and firewall solution. The confusion comes from the fact that a large number of software packages do both function within the same device which is labelled a NAT box (Balchunas, 2013). NAT is a solution that allows the connection several nodes by using a single public IP address that is often confused with a firewall solution, which is intended to implement the security procedures of the organization. The scheme of NAT is centred on the point that only a few dedicated...
Words: 2865 - Pages: 12