ATTACKS USING IP SPOOFING
IP-spoofing is a complex technical attack that is made up of several components. In actuality, IP-spoofing is not the attack itself, but a step in the attack. The attack is actually trust-relationship exploitation.
IP-spoofing consists of several steps. First, the target host is chosen. Next, a pattern of trust is discovered, along with a trusted host. The trusted host is then disabled, and the target’s TCP sequence numbers are sampled. The trusted host is impersonated, the sequence numbers guessed, and a connection attempt is made to a service that only requires address-based authentication. If successful, the attacker executes a simple command to leave a backdoor.
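An added example, not part of the original article: a defender-side check of whether a host's TCP initial sequence numbers (ISNs) are regular enough for the guessing step described above to succeed. The function names, the 1% tolerance and both sample series are assumptions constructed for illustration.

```python
"""Defender-side check: how predictable are a host's TCP initial sequence numbers?"""
from statistics import pstdev

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def isn_deltas(samples):
    """Differences between consecutive ISNs, computed modulo 2^32."""
    return [(b - a) % MOD for a, b in zip(samples, samples[1:])]


def assess(samples, tolerance=0.01):
    """Classify a series of ISNs taken from successive connections.

    Returns (verdict, extrapolated_next). extrapolated_next is None unless
    the deltas are so regular that an observer could extrapolate the next ISN.
    """
    if len(samples) < 3:
        raise ValueError("need at least 3 samples")
    deltas = isn_deltas(samples)
    mean = sum(deltas) / len(deltas)
    spread = pstdev(deltas)
    # Near-constant increments mean the next ISN is simply last + mean delta,
    # which is what makes address-based authentication unsafe on such a host.
    if mean > 0 and spread <= tolerance * mean:
        return "predictable", (samples[-1] + round(mean)) % MOD
    return "unpredictable", None


# Constructed sample data (not captured from any real host).
# Fixed-step generator: the ISN grows by 64000 per connection and wraps at 2^32.
LEGACY = [(4294900000 + 64000 * i) % MOD for i in range(6)]
# Randomized generator (the approach of RFC 6528): no usable pattern.
RANDOMIZED = [3048112233, 917245001, 4100023377,
              150998212, 2766500419, 1999000111]

if __name__ == "__main__":
    for name, series in (("legacy", LEGACY), ("randomized", RANDOMIZED)):
        print(name, assess(series))
```

A "predictable" verdict on a host that still offers address-authenticated services is the condition to remediate, either by moving to a stack with randomized ISNs or by replacing address-based trust with cryptographic authentication.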
IPTABLES
Introduction
The Internet Protocol (IP) is a data-oriented protocol that allows multiple hosts to talk to each other across network connections. Data in an IP network are sent in blocks referred to as packets or datagrams. They typically have a source host, destination host, and source and destination ports associated with the communication. Layered on top of the IP protocol are other protocols. These are typically transport-layer protocols. There are two main transport protocols that are heavily used. Transmission Control Protocol (TCP) is a stateful delivery mechanism that makes a best effort to deliver the packets requested. If the first attempt fails, multiple attempts are made to route and deliver the packet. This protocol is very good at delivering text files that cannot tolerate data corruption. With this protocol, clients have the ability to request redelivery of packets that were not properly received and can handle out-of-order delivery of packets. This protocol is very good for applications like patch delivery, email, network file shares, and web pages. It is not very good for delivery of streaming video or voice over IP applications.