Obfuscation of destination IP address

10 pts.
IP address
Network security
A self proclaimed security architect told me that there were hacking attacks where the hacker "obfuscated" the destination IP address to confuse the router into forwarding the packet out all of its interfaces and subsiquently the packet would live forever. In my limited knowledge I was a bit sceptical. Since he would not explain exactly what was in the destination address field of the header, my question is this; what would a router do with a packet that had either no address or something other than an unicast/multicast address as its destination IP?

Answer Wiki

Thanks. We'll let you know when a new response is added.

I am sceptical as well… As far as a router is concerned, the destination IP is just 32 bits. The router examines the 32 bit number to determine whether it has a route that the destination IP address falls under. If it does, it forwards the packet out the appropriate interface, if it does not, it drops the packet and returns an ICMP unreachable. Most routers are intelligent enough, or programmed intelligently enough so that packets with inappropriate IP addresses are dropped.

Here is another way to look at it…

This is what your router sees (without the dots)
This is THE network address or as close to a packet with “no ip address” as you’re going to get
or in decimal

And this is the highest number your router can recognize
or in decimal

There is nothing that will fall outside of that. Even if you tried to send something bigger than this at your router, the number is simply going to go into other fields of the packet and get interpreted not as your destination address but something else (either source IP or part of the options field).

Tell your friend to visit www.ietf.org, read and learn RFC 791.

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Ledlincoln
    Kind of like that scary email that went out years ago, in the early days of viruses, that said there's a virus out there that puts your CPU into an "infinite binary loop" and causes it to melt down. ;-)
    1,620 pointsBadges:
  • Jfernatt
    lol, a customer of a good friend of mine had him come onsite because he was under the impression that he had been hacked. When my friend arrived onsite, the customer brought him to their conference table, set their router down on the table, and asked him whether or not the hackers were in the box (the router was completely disconnected and powered off on the table) Good stuff
    605 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: