IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [ip-spoofing]

IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking technique in which a cracker masquerades as a trusted host to conceal his identity, spoof a Web site, hijack browsers, or gain access to a network.

IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking technique in which a cracker masquerades as a trusted host to conceal his identity, spoof a Web site, hijack browsers, or gain access to a network.

177 questions
16
votes
2 answers

IP Spoofing: How secure is to control access by user’s public IP address?

We have a few Windows server VMs hosted in Amazon cloud. Users need to enter account and password to RDP to the VMs. The VMs’ RDP EndPoint (IP+Port) is public to the internet. As an extra security measure, we managed to restrict access to the RDP…
Allan Xu
  • 263
  • 1
  • 2
  • 4
9
votes
2 answers

Is IP spoofing still a threat in the Internet?

I heard that IP spoofing is now mostly blocked by ISPs, especially on the consumer-grade links. Is there any research on the number of networks that still allow users to spoof an IP packet with an address outside originating ISP?
d33tah
  • 6,544
  • 8
  • 40
  • 61
7
votes
2 answers

IP forgery (theories are fine)

Is there any (practical/theoretical) way to forge "IP address"? By forging I mean feed to the website the IP you want. Let take PHP as example: You need to change your IP address to this IP 225.225.225.225. In the final result…
rinchik
  • 193
  • 1
  • 6
7
votes
5 answers

GET request with different IPs

I need to check vulnerability in my polling system. So I need to send GET requests but every time with different IPs. Can anyone suggest something?
faikabd
  • 271
  • 1
  • 4
  • 7
6
votes
2 answers

How does IP address spoofing of a bad address work?

While reading up on iptables, I saw this article from NixCraft recommending that a server block the following bad addresses: 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 172.16.0.0/12 192.168.0.0/16 224.0.0.0/3 It doesn't say whether it is applicable for UDP,…
Question Overflow
  • 5,300
  • 6
  • 28
  • 48
6
votes
1 answer

Ingress RFC1918 spoofing: How to handle it?

I've seen packets originating from RFC1918 addresses from two fairly large european ISP's (ASN1257 & smaller ASN35706) coming in on eBGP transit links lately, and I'm a bit puzzled why it wouldn't be dropped by an ACL first entrance in my ISP's…
3molo
  • 163
  • 5
5
votes
2 answers

Why would the browser present the certificate for an unknown outside site?

The first time each day that I attempt click on the 'Mail' link from the Yahoo home page, my browser (Seamonkey) throws up a dialog with the title 'Secure connection failed'. The content in the dialog reads - ak1s.abmr.net:443 uses an invalid…
Everyone
  • 387
  • 3
  • 11
4
votes
3 answers

How to find the actual address of spoofed IPs?

I am convinced that it is possible to find out the real IP address of computer which has spoofed its address. I find it rather unlikely that no techniques exist against IP spoofing. How is it possible to find out the address of spoofed IPs? What…
Computernerd
  • 2,431
  • 9
  • 25
  • 30
3
votes
1 answer

Side Channel Attack Query

People Generally spoof their IP address by using any other device's ip address such as printer, scanner. My question is in this kind of particular attack why we are using these devices rather than traditional ones such as desktop computers,…
FrOgY
  • 329
  • 1
  • 11
3
votes
1 answer

Spoofing IP address as being local over the Internet

I know it is trivial to spoof your IP address with UDP: simply change the value of the source address in the IP header and the recipient has no idea where the packet actually came from. My question is whether I can put a local value in this header…
Luc
  • 32,911
  • 8
  • 78
  • 138
1
vote
3 answers

Need to learn about IP address

I work on a U.S. government crisis/suicide hotline as a rescue coordinator. We receive phone calls, (mostly cell) text and chat from all over the world. Most times the caller/chatter will not disclose their idenity. When the crisis responder feels…
John G.
  • 19
  • 3
1
vote
1 answer

Spoofing public IPv4 address

How can I spoof my public IPv4 address to another without using proxys? I don't need any response, the TCP handshake needn't be completed! I just want to send a SYN packet with spoofed (specific) source address! My problem is, that every packet I…
h4x0r
  • 48
  • 1
  • 6
1
vote
1 answer

Egress filtering - can it be relied upon on the Internet?

My understanding is that IP address spoofing would not be possible if all ISPs would be doing egress filtering. That is, each ISP would not allow any IP packet to go outside of it's network if it sees a source IP, which does not belong to the source…
Konstantin
  • 133
  • 5
0
votes
1 answer

Security against IP Spoofing without consulting network administrator

I was wondering that if there is a Local Area Network and one public IP,through which various clients connect(which have been allocated private IP's).Suppose one of the clients spoofs his IP to try to launch an attack against a server(say…
user1369975
  • 179
  • 2
  • 8
0
votes
1 answer

Spoofed IP addresses basics

I've been dealing with a hack on a site. I ended up wiping it and starting again - this was no loss as it was a small site and all content was backed up - took a couple of hours to get going again. I notice that the attackers were using many IP…
The Architect
  • 1
1
2