[Term of the Day]: IP Hijacking
Term of the Day
"IP Hijacking"
What is IP Hijacking?
Internet Protocol Hijacking, also known as IP Spoofing is the creation of Internet Protocol (IP) packets which have a modified source address in order to either hide the identity of the sender, impersonate another computer, or both.
On a network, devices communicate by sending and receiving IP packets and constitutes the basis of the modern internet. All IP packets contain a header that precedes the body of the packet and contains important routing information, including the source address. In a normal packet, the source IP address is the address of the sender of the packet.
The objective of an IP Hijacking is to falsify the content in the Source IP header, usually with randomized numbers, either to mask the sender's identity and make the receiving computer system think the packet is from a trusted source, such as another computer on a legitimate network, and accept it. Because this occurs at the network level, there are no external signs of tampering and this technique is commonly used by hackers to perform malicious activities, such as Man in the Middle (MiTM), Denial of Service (DoS) and Dedicated Denial of Service (DDoS) attacks.
On some networks, the security of applications is maintained by specifying which IP addresses can access which resources. An IP spoofing attack happens when a hacker masks his identity by presenting themselves with the IP address of a legitimate device to gain access to resources that would otherwise be beyond their reach.
For instance, access to a server might be limited to a specific set or range of IP addresses. A hacker manipulates its network packets so that the sender's address reads like that of a legitimate computer. By doing this, the attacker tricks the server into thinking the packets are coming from an authorized device.