Constructing inter-domain packet filters to control IP Forging

2011 3rd International Conference on Electronics Computer Technology Pub Date : 2011-04-08 DOI:10.1109/ICECTECH.2011.5942005

Srinivas Aluvala, P. Rao

{"title":"Constructing inter-domain packet filters to control IP Forging","authors":"Srinivas Aluvala, P. Rao","doi":"10.1109/ICECTECH.2011.5942005","DOIUrl":null,"url":null,"abstract":"IP spoofing is almost always used in what is currently one of the most difficult attacks to defend against-denial of service attacks, or DoS. Since crackers are concerned only with consuming bandwidth and resources, they need not worry about properly completing handshakes and transactions. Rather, they wish to flood the victim with as many packets as possible in a short amount of time. In order to prolong the effectiveness of the attack, they spoof source IP addresses to make tracing and stopping the DoS as difficult as possible. When multiple compromised hosts are participating in the attack, all sending spoofed traffic; it is very challenging to quickly block traffic. While some of the attacks described above are a bit outdated, Such as session hijacking for host-based authentication services, IP spoofing is still prevalent in network scanning and probes, as well as denial of service floods. However, the technique does not allow for anonymous Internet access, which is a common misconception for those unfamiliar with the practice. Any sort of spoofing beyond simple floods is relatively advanced and used in very specific instances such as evasion and connection hijacking.","PeriodicalId":184011,"journal":{"name":"2011 3rd International Conference on Electronics Computer Technology","volume":"36 5","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 3rd International Conference on Electronics Computer Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICECTECH.2011.5942005","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

Abstract

IP spoofing is almost always used in what is currently one of the most difficult attacks to defend against-denial of service attacks, or DoS. Since crackers are concerned only with consuming bandwidth and resources, they need not worry about properly completing handshakes and transactions. Rather, they wish to flood the victim with as many packets as possible in a short amount of time. In order to prolong the effectiveness of the attack, they spoof source IP addresses to make tracing and stopping the DoS as difficult as possible. When multiple compromised hosts are participating in the attack, all sending spoofed traffic; it is very challenging to quickly block traffic. While some of the attacks described above are a bit outdated, Such as session hijacking for host-based authentication services, IP spoofing is still prevalent in network scanning and probes, as well as denial of service floods. However, the technique does not allow for anonymous Internet access, which is a common misconception for those unfamiliar with the practice. Any sort of spoofing beyond simple floods is relatively advanced and used in very specific instances such as evasion and connection hijacking.

查看原文本刊更多论文

构建域间包过滤，控制IP伪造

IP欺骗几乎总是用于目前最难防御的攻击之一——拒绝服务攻击(DoS)。由于破解者只关心消耗带宽和资源，他们不需要担心正确完成握手和事务。相反，他们希望在短时间内用尽可能多的数据包淹没受害者。为了延长攻击的有效性，他们欺骗源IP地址，使跟踪和阻止DoS尽可能困难。当多个受损主机参与攻击时，都发送欺骗流量;快速阻塞交通是非常具有挑战性的。虽然上面描述的一些攻击有点过时，例如针对基于主机的身份验证服务的会话劫持，但IP欺骗在网络扫描和探测以及拒绝服务泛滥中仍然很普遍。然而，该技术不允许匿名上网，这是不熟悉这种做法的人常见的误解。除了简单的洪水攻击之外，任何类型的欺骗都是相对高级的，并且用于非常具体的情况，例如逃避和连接劫持。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2011 3rd International Conference on Electronics Computer Technology

自引率

0.00%

发文量