Scribd Logo
Upload

Welcome to Scribd!

  • 6 views

    DA IV For ISA

    Uploaded by

    Ady Sarang

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    DA IV For ISA

    Uploaded by

    Ady Sarang
    6 views3 pages

    Original Title

    DA IV for ISA

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    6 views3 pages

    DA IV For ISA

    Uploaded by

    Ady Sarang

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 3

    Digital Assignment-IV

    Information Security Analysis and Audit


    CSE3501
    Slot:L27+L28
    Aditya Sarangarajan
    20BCE0985
    Q1)
    What is IP Spoofing?
    IP spoofing, or IP address spoofing, refers to the
    creation of Internet Protocol (IP) packets with a false
    source IP address to impersonate another computer
    system. IP spoofing allows cybercriminals to carry out
    malicious actions, often without detection. This might
    include stealing your data, infecting your device with
    malware, or crashing your server.

    How IP Spoof attack works:-


    Data transmitted over the internet is first broken into
    multiple packets, and those packets are sent
    independently and reassembled at the end. Each
    packet has an IP (Internet Protocol) header that
    contains information about the packet, including the
    source IP address and the destination IP address.
    In IP spoofing, a hacker uses tools to modify the
    source address in the packet header to make the
    receiving computer system think the packet is from a
    trusted source, such as another computer on a
    legitimate network, and accept it. This occurs at the
    network level, so there are no external signs of
    tampering.
    In systems that rely on trust relationships among
    networked computers, IP spoofing can be used to
    bypass IP address authentication. A concept
    sometimes referred to as the ‘castle and moat’
    defence, which is where those outside the network are
    considered threats, and those inside the ‘castle’ are
    trusted. Once a hacker breaches the network and
    makes it inside, it's easy to explore the system.
    Because of this vulnerability, using simple
    authentication as a defence strategy is increasingly
    being replaced by more robust security approaches,
    such as those with multi-step authentication.
    While cybercriminals often use IP spoofing to carry
    out online fraud and identity theft or shut down
    corporate websites and servers, there can also
    sometimes be legitimate uses. For example,
    organizations may use IP spoofing when testing
    websites before putting them live. This would involve
    creating thousands of virtual users to test the website
    to see if the site can handle a large volume of logins
    without being overwhelmed. IP spoofing is not illegal
    when used in this way.

    Q2)

    Q4)

    You might also like