How would you detect IP spoofing?

seenagapeJuly 6, 2013

Cyber Criminals have long employed the tactic of masking their true identity. In IP spoofing, an
attacker gains unauthorized access to a computer or a network by making it appear that a
malicious message has come from a trusted machine, by “spoofing” the IP address of that
machine.
How would you detect IP spoofing?

A.
Check the IPID of the spoofed packet and compare it with TLC checksum. If the numbers
match then it is spoofed packet

B.
Probe a SYN Scan on the claimed host and look for a response SYN/FIN packet,if the
connection completes then it is a spoofed packet

C.
Turn on ‘Enable Spoofed IP Detection’ in Wireshark,you will see a flag tick if the packet is
spoofed

D.
Sending a packet to the claimed host will result in a reply. If the TTL in the reply is not the same
as the packet being checked then it is a spoofed packet

One Comment on “How would you detect IP spoofing?”

miguel says:

June 10, 2014 at 11:28 am

D

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

How would you detect IP spoofing?

One Comment on “How would you detect IP spoofing?”

Leave a Reply Cancel reply