ip address and domain name
TRANSCRIPT
IP and Domain Checker, How to Find IP Address Server, How to Trace Someone IP
Address
Prepared by: Afrah SalmanSupervised by: Dr. Shaimaa
IP in Network Layer■ IP is the principal communications protocol in the internet protocol suite for relaying
datagrams across network boundaries. Its routing function enables internetworking, and
essentially establishes the internet.
■ IP has the task of delivering packets from the source host to the destination host solely based
on the IP addresses in the packet headers. For this purpose, IP defines packet structures that
encapsulate the data to be delivered. It also defines addressing methods that are used to label
the datagram with source and destination information.
What is IP address?
■ IP addresses can be either static or dynamic.
– Static IP addresses never change. They serve as a permanent Internet address and provide a simple and reliable way for remote computers to contact you.
– Dynamic IP addresses are temporary and are assigned each time a computer accesses the Internet. They are, in effect, borrowed from a pool of IP addresses that are shared among various computers.
■ a unique string of numbers separated by full stops that identifies each computer using the Internet Protocol to communicate over a network.
IP Spoofing■ By manipulating the TCP packet and changing the source address one is able to spoof the IP.
■ IP spoofing is the creation of IP packets using somebody else’s IP source addresses.
The system at the spoofed IP address will receive unsolicited connection attempts from the web
server that it will simply discard.
IP routing mechanism and problems
■ The IP routing mechanism is hop by hop. Every IP packet is routed separately. The
route of a IP packet is decided by all the routers the packet goes through.
■ IP address spoofing is possible because routers only require inspection of the
destination IP address in the packet to make routing decisions. The source IP
address is not required by routers and an invalid source IP address will not affect the
delivery of packets. That address is only used by the destination machine when it
responds back to the source.
IP address spoofing attacks1. Blind IP Spoofing: Usually the attacker does not have access to the reply, abuse trust relationship
between hosts. For example: host C sends an IP packet with the address of some other host (host
A) as the source address to host B. Attacked host (B) replies to the legitimate host (A).
2. Man-in-the-middle attacks: If an attacker controls a gateway that is in the delivery route, he can :
sniff the traffic intercept / block / delay traffic modify traffic
■ This is not easy in the Internet because of hop-by-hop routing, unless you control one of the backbone
hosts or source routing is used. This can also be done combined with IP source routing option. IP
source routing is used to specify the route in the delivery of a packet, which is independent of the
normal delivery mechanisms. If the traffic can be forced through specific routes (=specific hosts), and
if the reverse route is used to reply traffic, a host on the route can easily impersonate another host.
What is Domain name?
■ Domain names function on the Internet in a manner similar to a physical address in the physical world. Each part of the domain name provides specific information.
■ The universal resource locator, or URL, is an entire set of directions, and it contains extremely detailed information. The domain name is one of the pieces inside of a URL.
The difference between IP address and Domain name
■ The domain name functions as a link to the IP address. Links do not contain actual information, but they do point to the place where the IP address information resides. It is convenient to think of IP addresses as the actual code and the domain name as a nickname for that code.
■ An Internet Protocol, or IP, address is different than a domain name. The IP address is an actual set of numerical instructions. It communicates exact information about the address in a way that is useful to the computer but makes no sense to humans.
IP address and Domain name checker
■ The process of finding the host name (or domain name) from an IP address involves sending a message to the IP address and requesting the computer located at that IP address to return its name. Usually this will be the same as the domain name. However, many computers host many domains so the host name may be one of the domain names hosted or it could be something totally different.
■ The process of finding the IP address is achieved by searching the DNS (Domain Name Servers) until a match on the domain name is found. This process is also known as DNS lookup, NSLOOKUP or (erroneously) IP lookup.
■ There are some special IP addresses. 127.0.0.1 is always the IP address of every computer. No matter which computer you use, it will always have an IP address of 127.0.0.1 and a name of 'localhost'. In addition, a computer can have more than one IP address. In order to connect to other computers it will have an IP address that is known to other computers.
How to find the IP address of the server or website?
■ There are mainly 2 methods can help to locate the IP address of the server or website.
1. Go to command prompt and type ipconfig and then press enter ,so u will find the IP address.
2. Trace a path by using the tracert command – Open Command Prompt, and type the following: – Tracert HostName Or tracert IPAddress – where HostName or IPAddress is the host name or IP address, of the remote
computer. – For example, tracert www.microsoft.com – If you do not want the tracert command to resolve and display the names of all
routers in the path, use the -d parameter.– For example, tracert -d www.microsoft.com
How to translate Domain name into IP address?
■ For example, type Nslookup ftp.microsoft.com to look up the IP address of the Microsoft File Transfer Protocol (FTP) server.
■ We can use the specialized command in Windows Nslookup to quickly convert a fully qualified domain name to its IP address.
■ Can you answer the following questions?1. What is IP spoofing?
2. Why is IP spoofing possible?
3. What is the reason to spoof an IP address?
4. Can you use IP spoofing for anonymous web surfing?
5. What can you do against IP spoofing?
■ Answers: 1. IP spoofing is to fake IP packets with a foreign IP source address
2. Because the IP protocol is very limited and the network routers do not care about source IP addresses.
3. The main purpose is hacking
4. No, because the packets does not find back the way to you (your source address is spoofed)
5. You cannot do anything to be completely secure. But there are same technics to reduce the problem of IP spoofing:
• Use ICMP packets instead of IP packets • Packet filtering • Encrypt the data so the hacker cannot abuse the connection.
Thanks forYour attention