There are three security issues that are applicable to the IP protocol −
Let us discuss each issue in detail.
A guest may intercept an IP packet and create a copy of it.
The packet sniffing is generally a passive attack, where the attacker does not change the contents of the packet.
Packet sniffing attack is difficult to detect because here the sender and receiver doesn’t know that the packet has been copied.
Even though the packet sniffing cannot be stopped, the encryption of the packet can make the attacker’s effort useless. Still the attackers may sniff the packet, but the content is not detectable.
Packet Modification is the second type of attack which is helpful to modify the packet.
The attacker interrupts the packet, changes its contents, and sends the new packet to the receiver.
The receiver thought that the packet was coming from the original sender only. This type of attack is detected by using a data integrity mechanism.
Before opening and using the contents of the message the receiver can use this mechanism to verify that the packet has not been changed during the transmission.
An attacker can masquerade as somebody else and create an IP packet which carries the source address of another computer.
An attacker sends an IP packet to a bank pretending it is coming from one of the customers. This type of attack can be used to prevent by using an origin authentication mechanism
IPSec protocol is used in conjunction with the IP protocol.
It creates a connection-oriented service between two entities in which they can exchange IP packets without worrying about the Packet Sniffing, Packet Modification and IP Spoofing.
IPSEC provides four services they are as follows −
Defining Algorithms and Keys − The two entities used to create a secure channel between them can agree on some available algorithms and keys to be used for security purposes.
Packet Encryption − The packets exchanged between two parties can be encrypted for privacy using one of the encryption algorithms and shared key agreed upon in the first step. This makes the packet sniffing attack useless.
Data Integrity − Data integrity guarantees where the packet is not modified during the transmission. If the received packet does not pass the data integrity test, it is discarded. This prevents the packet modification.
Origin Authentication − IPSec can authenticate the origin of the packet to be sure that the packet is not created by an imposter. This can prevent IP spoofing attacks.