Showing posts from February 20, 2001

Spoofing IP Addresses

TCP/IP is a protocol which has a long history of stabalization. The protocol which has come a long way since it first began is said to be almost perfect for the internet. However there are a few flaws in this protocol which have been recogonised as security hazards. IPv4's next version IPv6 addressess these issues effectively, but IPv6 has a long way to go before its implemented around the world. This article would give an insight to a IP loophole which allows "spoofing". Internet uses TCP/IP for all its communication. IP is a connectionless protocol on which TCP runs for reliable connection oriented protocols. Protocols like telnet,ftp,pop,smtp etc are all connection oriented and others like talk,icp,icq,dns etc use ip datagrams only. To start a TCP which is supposed to be much more secure and reliable, the server and client goes under what is known as "three way hand-shake". If you look at a simple telephone conversation initialization, the dialing of number c