Trusting self-reported IP address

Last revision (mm/dd/yy): //

Vulnerabilities Table of Contents

Description
The use of IP addresses as authentication is flawed and can easily be spoofed by malicious users.

Consequences


 * Authentication: Malicious users can fake authentication information, impersonating any IP address

Exposure period


 * Design: Authentication methods are generally chosen during the design phase of development.

Platform


 * Languages: All
 * Operating platforms: All

Required resources

Any

Severity

High

Likelihood of exploit

High

As IP addresses can be easily spoofed, they do not constitute a valid authentication mechanism. Alternate methods should be used if significant authentication is necessary.

Risk Factors
TBD

Examples
In C/C++:

sd = socket(AF_INET, SOCK_DGRAM, 0); serv.sin_family = AF_INET; serv.sin_addr.s_addr = htonl(INADDR_ANY); servr.sin_port = htons(1008); bind(sd, (struct sockaddr *) & serv, sizeof(serv)); while (1) { memset(msg, 0x0, MAX_MSG); clilen = sizeof(cli); if (inet_ntoa(cli.sin_addr)==...) n = recvfrom(sd, msg, MAX_MSG, 0,             (struct sockaddr *) & cli, &clilen); }

In Java:

while(true) { DatagramPacket rp=new DatagramPacket(rData,rData.length); outSock.receive(rp); String in = new String(p.getData,0, rp.getLength); InetAddress IPAddress = rp.getAddress; int port = rp.getPort; if ((rp.getAddress==...) && (in==...)){ out = secret.getBytes; DatagramPacket sp =new DatagramPacket(out,out.length,     IPAddress, port); outSock.send(sp); } }

Related Attacks

 * Attack 1
 * Attack 2

Related Vulnerabilities

 * Trusting self-reported DNS name
 * Using the referer field for authentication

Related Controls

 * Design: Use other means of identity verification that cannot be simply spoofed.

Related Technical Impacts

 * Technical Impact 1
 * Technical Impact 2