-: IP Spoofing :-
The term IP (Internet Protocol) address spoofing refers to the creation of IP
packets with a forged (spoofed) source IP address with the purpose of
concealing the identity of the sender or impersonating another computing
system.
For Check Your IP Address..
for see another IP address
Why it works ?
IP-Spoofing works because trusted services only rely on network address based
authentication. Since IP is easily duped, address forgery is not difficult.
The main reason is security weakness in the TCP protocol known as sequence
number prediction.
How it works ?
To completely understand how ip spoofing can take place, one must examine the
structure of the TCP/IP protocol suite. A basic understanding of these headers
and network exchanges is crucial to the process.
Internet Protocol (IP) :
It is a network protocol operating at layer 3 (network) of the OSI model. It is
a connectionless model, meaning there is no information regarding transaction
state, which is used to route packets on a network. Additionally, there is no
method in place to ensure that a packet is properly delivered to the
destination.
Your Browser and Server use TCP/IP
Browsers and servers
use TCP/IP to connect to the Internet.
A browser uses TCP/IP
to access a server. A server uses TCP/IP to send HTML back to a browser.
Your E-Mail uses TCP/IP
Your e-mail program
uses TCP/IP to connect to the Internet for sending and receiving e-mails.
Your Internet Address is TCP/IP
Your Internet address
"192.168.10.14" is a part of the standard TCP/IP protocol (and so is
your domain name).
What is TCP/IP?
TCP/IP is the
communication protocol for communication between computers on the Internet.
TCP/IP stands for Transmission
Control Protocol / Internet Protocol.
TCP/IP defines how
electronic devices (like computers) should be connected to the Internet, and
how data should be transmitted between them.
Inside TCP/IP
Inside the TCP/IP
standard there are several protocols for handling data communication:
- TCP (Transmission Control Protocol) communication
between applications
- UDP (User Datagram Protocol) simple communication
between applications
- IP (Internet Protocol) communication between computers
- ICMP (Internet Control Message Protocol) for errors and
statistics
- DHCP (Dynamic Host Configuration Protocol) for dynamic
addressing
TCP Uses a Fixed Connection
TCP is for
communication between applications.
If one application
wants to communicate with another via TCP, it sends a communication request.
This request must be sent to an exact address. After a "handshake"
between the two applications, TCP will set up a "full-duplex"
communication between the two applications.
The
"full-duplex" communication will occupy the communication line
between the two computers until it is closed by one of the two applications.
UDP is very similar to
TCP, but simpler and less reliable.
IP is Connection-Less
IP is for
communication between computers.
IP is a
"connection-less" communication protocol.
IP does not occupy the
communication line between two computers. IP reduces the need for network
lines. Each line can be used for communication between many different computers
at the same time.
With IP, messages (or
other data) are broken up into small independent "packets" and sent
between computers via the Internet.
IP is responsible for
"routing" each packet to the correct destination.
IP Routers
When an IP packet is
sent from a computer, it arrives at an IP router.
The IP router is responsible
for "routing" the packet to the correct destination, directly or via
another router.
The path the packet
will follow might be different from other packets of the same communication.
The router is responsible for the right addressing, depending on traffic
volume, errors in the network, or other parameters.
Connection-Less Analogy
Communicating via IP
is like sending a long letter as a large number of small postcards, each
finding its own (often different) way to the receiver.
TCP/IP
TCP/IP is TCP and IP
working together.
TCP takes care of the
communication between your application software (i.e. your browser) and your
network software.
IP takes care of the
communication with other computers.
TCP is responsible for
breaking data down into IP packets before they are sent, and for assembling the
packets when they arrive.
IP is responsible for
sending the packets to the correct destination.
IP Addresses
Each computer must
have an IP address before it can connect to the Internet.
Each IP packet must
have an address before it can be sent to another computer.
IP addess is the
identity of computer or website.
Domain Names
A name is much easier
to remember than a 12 digit number.
Names used for TCP/IP
addresses are called domain names.
google.com is a domain name.
When you address a web
site, like http://www.google.com, the name is translated to a number by a
Domain Name Server (DNS).
All over the world,
DNS servers are connected to the Internet. DNS servers are responsible for
translating domain names into TCP/IP addresses.
When a new domain name
is registered together with a TCP/IP address, DNS servers all over the world
are updated with this information.
TCP - Transmission Control Protocol
TCP is used for
transmission of data from an application to the network.
TCP is responsible for
breaking data down into IP packets before they are sent, and for assembling the
packets when they arrive.
IP - Internet Protocol
IP takes care of the communication with other computers.
IP is responsible for
the sending and receiving data packets over the Internet.
HTTP - Hyper Text Transfer Protocol
HTTP takes care of the
communication between a web server and a web browser.
HTTP is used for
sending requests from a web client (a browser) to a web server, returning web
content (web pages) from the server back to the client.
HTTPS - Secure HTTP
HTTPS takes care of
secure communication between a web server and a web browser.
HTTPS typically
handles credit card transactions and other sensitive data.
SSL - Secure Sockets Layer
The SSL protocol is
used for encryption of data for secure data transmission.
SMTP - Simple Mail Transfer Protocol
SMTP is used for
transmission of e-mails.
MIME - Multi-purpose Internet Mail Extensions
The MIME protocol lets
SMTP transmit multimedia files including voice, audio, and binary data across
TCP/IP networks.
IMAP - Internet Message Access Protocol
IMAP is used for
storing and retrieving e-mails.
POP - Post Office Protocol
POP is used for
downloading e-mails from an e-mail server to a personal computer.
FTP - File Transfer Protocol
FTP takes care of
transmission of files between computers.
NTP - Network Time Protocol
NTP is used to
synchronize the time (the clock) between computers.
DHCP - Dynamic Host Configuration Protocol
DHCP is used for
allocation of dynamic IP addresses to computers in a network.
SNMP - Simple Network Management Protocol
SNMP is used for
administration of computer networks.
LDAP - Lightweight Directory Access Protocol
LDAP is used for collecting
information about users and e-mail addresses from the internet.
ICMP - Internet Control Message Protocol
ICMP takes care of
error-handling in the network.
ARP - Address Resolution Protocol
ARP is used by IP to
find the hardware address of a computer network card based on the IP address.
RARP - Reverse Address Resolution Protocol
RARP is used by IP to
find the IP address based on the hardware address of a computer network card.
BOOTP - Boot Protocol
BOOTP is used for
booting (starting) computers from the network.
PPTP - Point to Point Tunneling Protocol
PPTP is used for
setting up a connection (tunnel) between private networks.
When you write an
email, you don't use TCP/IP.
When you write an
email, you use an email program like Lotus Notes, Microsoft Outlook or Netscape
Communicator.
Your Email Program Does
Your email program
uses different TCP/IP protocols:
- It sends your emails using SMTP
- It can download your emails from an email server using
POP
- It can connect to an email server using IMAP
SMTP - Simple Mail Transfer Protocol
The SMTP protocol is
used for the transmission of e-mails. SMTP takes care of sending your email to
another computer.
Normally your email is
sent to an email server (SMTP server), and then to another server or servers,
and finally to its destination.
SMTP can only transmit
pure text. It cannot transmit binary data like pictures, sounds or movies.
SMTP uses the MIME
protocol to send binary data across TCP/IP networks. The MIME protocol converts
binary data to pure text.
POP - Post Office Protocol
The POP protocol is
used by email programs (like Microsoft Outlook) to retrieve emails from an
email server.
If your email program
uses POP, all your emails are downloaded to your email program (also called
email client), each time it connects to your email server.
IMAP - Internet Message Access Protocol
The IMAP protocol is
used by email programs (like Microsoft Outlook) just like the POP protocol.
The main difference
between the IMAP protocol and the POP protocol is that the IMAP protocol will
not automatically download all your emails each time your email program
connects to your email server.
The IMAP protocol
allows you to look through your email messages at the email server before you
download them. With IMAP you can choose to download your messages or just
delete them. This way IMAP is perfect if you need to connect to your email
server from different locations, but only want to download your messages when
you are back in your office.