IP spoofing
i. Non-Blind Spoofing:
- In this type the attacker is on the same subnet as a victim. The sequence and acknowledgement numbers can be sniffed thereby eliminating the potential difficulty of calculating them accurately.
- The biggest threat of spoofing in this instance would be session hijacking which is accomplished by corrupting the data stream of an established connection and then re-establishing it based on the correct sequence and acknowledgement numbers with the attacked machine.
- Using this technique an attacker could effectively by pass any authentication measures taken place to build the connection.
ii. Blind Spoofing:
- In this type the sequence and acknowledgement numbers are unreachable. To beat this, several packets are sent to the target machine in order to sample sequence numbers.
- Nowadays OS implement random sequence number generation making it difficult to predict them accurately.
- Machines in the past used basic techniques for generating sequence numbers. If the sequence number was compromised data could be sent to the target.
iii. Man-in-the-Middle Attack:
- In these attacks an attacker intercepts a legitimate communication between two parties. The attacker then controls the flow of communication and can alter or eliminate the information sent by one of the original participant’s without the knowledge of either the original sender or the recipient.
- In this way an attacker can fool a victim into disclosing confidential data by spoofing the identity of the original sender who is presumably trusted by the recipient.
iv. Denial-of-Service Attack:
- A denial-of-service (DoS) attack is characterized by an explicit attempt by attackers to prevent legitimate users from using a particular service.
- DoS attack can include the following attempts- Flood a network, thereby forbidding legitimate network traffic. Disrupt connections between two hosts. Prevent a particular individual from accessing a service or vice versa.