How To Prevent IP Cheating
Nowadays, network security is becoming more and more important. It should not only prevent malicious users from phishing attacks, but also prevent them from doing illegal activities with overflow tools or IP spoofing. If they are successful, the cost of the enterprise will be great.
As an enterprise network management or personal user, it is better to defend itself against IP spoofing principles.
IP brief introduction
普通用户在网络协议中最常用到的要数TCP/IP协议和UDP协议,两者都是通过IP层交换数据包来进行规则通信,而IP在网络层中占据生要地位是不容替代的,其接收由最低层(网络接口层如以太网设备驱动程序)发来的数据包,并把该数据包转发到更高层---TCP或UDP层,或者将接收到的TCP或UDP层的数据包传送到更低层,不区分数据包发送的先后顺序,不检查数据包的完整性,虽然IP确认中包含一个IP source routing,但此选项是为了测试而存在,可以用来指定发送它的主机的地址(源地址)和接收它的主机的地址(目的地址),此点造成了被恶意用户用来欺骗系统进行平常被禁止的连接,使许多依靠IP源地址做确认的服务产生问题,并且很容易让恶意用户利用虚假数据包对其进行欺骗式入侵,因此IP数据包是不可靠的,是对信任关系的一种破坏。
IP spoofing process
IP deception is composed of several processes. When a malicious user selects a remote target trust host, its trust mechanism is put into full play under the circumstances of sufficient control, so that the target machine loses its ability to work and extracts the TCP serial number issued by the target to guess the serial number of the data. After successful, it starts to disguise the trusted remote computer, and establishes the connection based on the address verification. Once the connection is successful, the malicious user will replace the role of the trusted host, and use the relevant commands to place the backdoor program to carry out a series of malicious actions.
Untrusted hosts find that the TCP SYN drowns in the network is to use the client to send the SYN request to the server, and the server returns a SYN/ACK signal. Once the data exceeds the SYN request upper limit in the TCP processing module, the request for data connection beyond the queue length will be rejected. At this point, the malicious user will send a large number of legitimate virtual IP addresses to the TCP port of the target by using this characteristic, and the target machine responds to the signal immediately, but the signal can not connect to the host. At this point, the IP packet is notified that the attacked host TCP can not arrive, but the host TCP layer considers that the network connection is temporarily wrong, and attempts to connect again until it is sure that it can not connect. For
At this point, the IP deception won time to make malicious users use the IP address to cheat.
- Related reading
- Daily headlines | National Day Album: The Textile Industry Offers "The Technology, Fashion And Green" To The Motherland And Helps The Parade.
- News Republic | Witness The Honor And Glory Of Me -- Teachers And Students From Beijing Fashion Institute Of Communication Attended The Celebration Of The 70Th Anniversary Parade And Mass Parade.
- News Republic | Tribute To The Motherland - Fashion Holding Successfully Completed The 70Th Anniversary Day National Day Task
- Association dynamics | The Fifteenth Asian Textile Conference And The Ninth China Textile Annual Conference
- Expo News | Explore The New Trend Of Global Industry, "One Belt And One Road" Textile Cooperation Forum.
- Association dynamics | In The Past 70 Years, We Have Intensified Our Efforts To Take Stock Of China'S Textile Industry.
- Association dynamics | China Textile Institute: 63 Years Of Changing Team'S Inheritance And Mission
- Daily headlines | The Republic Was Founded 70Th Anniversary: The Textile Man Was Awarded The Celebration Badge. Industry Pride
- Shoe Market | Leather Shoes Also Have Black Technology China'S First Passive Intelligent Temperature Control Leather Shoes World'S First!
- Recommended topics | The World'S Economy And Environment Conference, China'S First Passive Intelligent Temperature Control Leather Shoes Amazing!
- How To Make The Thunder Look Down Without Looking At The Card?
- How To Stealth In LAN
- Clothing Enterprises: The More The Franchisees Really, The Better?
- Viewing Post 80'S Management From The Experiment Of White Mice
- Nearly 90% Failures In Olympic Marketing Of Local Brands
- Fang Xingdong: Internet Clothing PPG Does Not Have The Listing Conditions.
- From Wahaha Children'S Clothing To See The Dilemma Of Children'S Wear Brand Extension
- Clothing B2C Walks Down The Altar, After Sale Service Becomes "Bottleneck"
- Developers: The Breakthrough Way Of "Property Right" Shops
- Look At The Brand From The Child'S Crying And Parents' Eyes.