How would you detect IP spoofing?

Posted by: Pdfprep Category: CEH-001 Tags: , ,

Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing, an attacker gains unauthorized access to a computer or a network by making it appear that a malicious message has come from a trusted machine, by "spoofing" the IP address of that machine.

How would you detect IP spoofing?
A . Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers match then it is spoofed packet
B . Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet, if the connection completes then it is a spoofed packet
C . Turn on ‘Enable Spoofed IP Detection’ in Wireshark, you will see a flag tick if the packet is spoofed
D . Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same as the packet being checked then it is a spoofed packet

Answer: D

Leave a Reply

Your email address will not be published.