World-wide-web protocol spoofing which is commonly known as ip spoofing is a ploy used by an attacker to make consumers think that the packets they are using come from a reliable source. The attacker creates ip packets with a counterfeit ip address that a consumer later uses without understanding that they are not from a trusted machine. Spoofing comes in many types such as blind spoofing, denial-of-service attack and non-blind spoofing. Attackers usually use this trick to hide wherever a computer is connecting from or which computer is accessing the network. Different men and women have different reasons as to why they would want to spoof the network. Some of the reasons could be for prison activities or to visit websites that have morally unacceptable content. Ip spoofing exposes one to loss of sensitive information or even harm to the overall network.
There are several ways to prevent ip spoofing. The initial method that you can use is to do away with host based network authentications. Host based authentication uses a public host key for authentication which is highly susceptible to hacking. So instead you ought to use network encryption for authentication. In encrypted networks, it is hard for an attacker to hack into your network considering it only sends encrypted packets over the network.
You could also use ingress filtering technique to rid your network from ip spoofing attacks. In this technique, all packets originating from a source outside the network are filtered at the gateway of the network with a source address within the network to confirm that they come from a reputable source. If the packets are ilauthentic they are blocked from your network.
You could also use engress filtering method to safeguard your network from theses attacks. In engress filtering, all packets originating from within the network are blocked from inside the network using a source address that is outside the network. They are scanned via a router or firewall and the packets that seem suspicious are with held. The method is effective in preventing an attacker within your network who could be filtering from launching his or her ip spoofing attack against an exterior machine. Usually ingress filtering is used collectively with engress filtering.
The other way to prevent ip spoofing is configuration of your directrs and Switches. This is done to make them support a specific configuration such that they will not accept packets that come from outside your local network and claim to have originated from within. You could also allow encryption periods on the courser that you are using so that trusted hosts outside your network can securely communicate with your local hosts. Use of authentication key exchange amongst machines on your network can substantially reduce spoofing attacks.
Using the reverse path forwarding ip verify technique you can prevent ip spoofing. In this method the reverse path forwarding takes the source of an IP address of a packet that is received from outside the network and appears up to confirm if the directr has a course in its table that can be used to reply to that packet. If none is found on the routing table, it is assumed that the packet has been spoofed and the directr drops the packet right away.
Raymond Newson specializes in writing and advising people on VPN technologies. By visiting his website VPNreviewz.com you can learn about strong vpn reviews and ipredator review.
