Linux Today: Linux News On Internet Time.

More on LinuxToday

Linux.com: An Overview of TCP and IP Spoofing

Jun 12, 2000, 11:03 (0 Talkback[s])
(Other stories by Kapil Sharma)

"A spoofing attack involves forging one's source IP address. It is the act of using one machine to impersonate another. Most of the applications and tools in Unix systems, including Linux, rely on source IP address authentication, and many developers have used host-based access controls to secure their networks. The source IP address is a unique identifier, but it is not a reliable one. It can easily be spoofed."

"To understand the spoofing process, I will begin by explaining the TCP and IP authentication process. Then I will discuss how an attacker can spoof your network."

"TCP uses sequence numbers. When a virtual circuit establishes between two hosts, TCP assigns each packet a number as an identifying index. Both hosts use this number for error-checking and reporting."

Complete Story

Related Stories: