Chapter8 Phase3: Gaining Access Using Network Attacks

IP Address Spoofing

¨Changing or disguising the source IP address

¨used by Nmap in decoy mode

¨Used by Dsniff in dnsspoof attack

–DNS response sent by Dsniff contains source address of the DNS server

¨Used in denial-of-service attacks

¨Used in undermining Unix r-commands

¨Used with source routing attacks