CSE3501 Slot:L27+L28 Aditya Sarangarajan 20BCE0985

Q1) What is IP Spoofing?

IP spoofing, or IP address spoofing, refers to the creation of Internet Protocol (IP) packets with a false source IP address to impersonate another computer system. IP spoofing allows cybercriminals to carry out malicious actions, often without detection. This might include stealing your data, infecting your device with malware, or crashing your server.

How an IP spoofing attack works:

Data transmitted over the internet is first broken into multiple packets, and those packets are sent independently and reassembled at the end. Each packet has an IP (Internet Protocol) header that contains information about the packet, including the source IP address and the destination IP address. In IP spoofing, a hacker uses tools to modify the source address in the packet header to make the receiving computer system think the packet is from a trusted source, such as another computer on a legitimate network, and accept it. This occurs at the network level, so there are no external signs of tampering.

In systems that rely on trust relationships among networked computers, IP spoofing can be used to bypass IP address authentication. This trust model is sometimes referred to as the ‘castle and moat’ defence, in which those outside the network are considered threats and those inside the ‘castle’ are trusted. Once a hacker breaches the network and makes it inside, it's easy to explore the system. Because of this vulnerability, using simple authentication as a defence strategy is increasingly being replaced by more robust security approaches, such as those with multi-step authentication.

While cybercriminals often use IP spoofing to carry out online fraud and identity theft or to shut down corporate websites and servers, there can also sometimes be legitimate uses. For example, organizations may use IP spoofing when testing websites before putting them live. This would involve creating thousands of virtual users to test whether the site can handle a large volume of logins without being overwhelmed. IP spoofing is not illegal when used in this way.
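
The source address discussed above is only a field in the IP header, so a border device can compare it with the side of the network the packet actually arrived from instead of trusting it. The following Python code is an added example, not part of the original assignment; the internal ranges, the "external"/"internal" interface labels, the function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Assumed "inside the castle" address ranges for this example.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.0.0/16")]


def parse_ipv4_header(packet: bytes) -> dict:
    """Read the fixed 20-byte IPv4 header, including source and destination."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    return {"ttl": ttl, "proto": proto, "total_len": total_len,
            "src": ipaddress.IPv4Address(src),
            "dst": ipaddress.IPv4Address(dst)}


def is_internal(addr) -> bool:
    return any(addr in net for net in INTERNAL_NETS)


def border_verdict(packet: bytes, arrived_on: str) -> str:
    """Compare the claimed source address with the side the packet came from."""
    src = parse_ipv4_header(packet)["src"]
    if arrived_on == "external" and is_internal(src):
        # Nothing outside can legitimately own an inside address.
        return "drop-spoofed-internal-source"
    if arrived_on == "internal" and not is_internal(src):
        # Inside hosts should only send from inside addresses.
        return "drop-foreign-source"
    return "accept"


def sample_packet(src: str, dst: str) -> bytes:
    """Constructed test input: a bare IPv4 header with a zero checksum."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


if __name__ == "__main__":
    for src, side in [("10.0.0.5", "external"), ("203.0.113.7", "external"),
                      ("203.0.113.7", "internal")]:
        print(src, side, border_verdict(sample_packet(src, "10.0.0.20"), side))
```

A packet that claims 10.0.0.5 as its source but arrives on the external side is rejected, while the same header seen on the internal side would be accepted; this is why the check has to use where the packet arrived and not the header alone.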