The IP Spoofing

Online banking, marketing, retailing, registration, voting, conferencing and all internet-based transactions actually will be greatly affected if these attacks are not solved or prevented. Businesses would suffer from losses financially and governments would all the more suffer from criticisms as to integrity. It is therefore seriously desired to have a secure connection by all means possible. One way of achieving this is to limit spoofing risks on our networks.We must first understand what spoofing is and how it is achieved before we can discuss its prevention. A spoof as we know it is a parody. We see lots of movies that spoof other movies. What these movie spoofs do is act like or copy the real thing but with twists. In the same vein, spoofing in the Web attempts to gain access to a system by posing as a legitimate user. The only difference is that the results of spoofing the Web is far from funny, it is dangerous.Web spoofing has actually been likened to a con game in which “the attacker sets up a false but convincing world around the victim… that could endanger the privacy of World Wide Web users and the integrity of their data” (Felten et al.). There are several classes of spoofing such as TCP spoofing, where “packets are sent with forged return addresses” (Felten et al.). DNS spoofing, where “the attacker forges information about which machine names correspond to which network addresses” (Felten et al.), and IP spoofing where the attacker changes the source address in the IP datagram header for “some kind of malicious intent and [anonymity]” (Ali). Carley, Chen and Longstaff mentioned only this last class of spoofing and for good reason since it is considered as “one of the most common forms of online camouflage” (Tanase).IP spoofing is spoofing done in the IP layer of the TCP/IP suite.