As we have covered almost all topics of scanning this is the last topic that come under scanning….
First of all ..
WHAT IS IP SPOOFING??
Ip spoofing is basically encrypting your Ip address so that it appears something else to attacker or victim i.e it is the virtual Ip address..
~ IP Spoofing is when an attacker changes his IP address so that he appears to be someone else.
~ When the victim replies back to the address, it goes back to the spoofed address and not to the attacker’s real address.
~ You will not be able to complete the three-way handshake and open a successful TCP connection by spoofing an IP address.
You Will Better Understand It With SNAPSHOT..
HOW TO DETECT IP SPOOFING ??
When an attacker is spoofing packets, he is usually at a different location than the address being spoofed
Attacker’s TTL(Time to Live i.e Time for which IP is allocated for use) will be different from the spoofed address’ real TTL. If you check the received packet’s TTL with spoofed one, you will see TTL doesn’t match.
These things are blocked in latest versions of Windows i.e after SP3. Firewall will itself block any spoofing attacks…
This Is all about the IP spoofing and Scanning Part.
The Next Two Parts of upcoming class:
1. How to Protect Yourself From Scanning .
2. How to Hack Websites Using things that We Studied until Now . A little SQL injection tutorial is also required for that. We will try to cover it as quick as Possible..
If you have any doubts about Ip spoofing you can ask..