Idea Free 3G Gprs

Idea Free 3G Gprs Code

Hi This Time I Am Posting Free Gprs Trick For Idea Users Just Follow the Steps And Enjoy ...

This trick is fully tested with IDEA 3G network in west bengal. I’m getting upto 7.2Mbps browsing speed because it use the airtel 3Gnetwork in west bengal. And there is no IP proxy so you can all browseall types of websites like banking, Secure business email account or any personal login info.
How to Activate free IDEA 3G data plan:
*. Keep your prepaid main balance lower then Rs.1 INR then activate.
*. Dial *800*7# and wait for confirmation sms.
*. Now you successfully activated IDEA 20Mb free 3G Data free for same day.
*. Now you can activate it many of times. (But validity of data planis only for same day)

Note: Only try this trick with minimum balance IDEA Sim. (lower then 1 rupees)

 

Enjoyyy!!....

Unlimited 3G with limited plan

unlimited 3g hack with limited plan 2012

Hi Friends Here i am giving aircel 3g hack for unlimited 3G
Follow my steps


1.Recharge with any new 3g packs (7,17,37,128 etc)

2.Now you will get some data in 3g use that as you
wish

3.Download Software called mdma by CLICKING HERE


4.After finishing your 3G data connect Internet using
mdma (In GPRS/EDGE only mode)

5.Open your browser and just open any page (just
open Google)

6.Now change your connection typefrom Edge to 3G
(In 3G only mode).

7.Now check the internet speed……….. that’s it you
have done……

This trick is working fine in Kerala..
Test in your state
and reply here……

Note :If you use 7.2mbps modem the internet
          will disconnect while changing 2G to 3G..(I
           have tested that in Huawei E1732)
             But it is working fine on 3.6mbps..

Have Fun With Unlimited Aircel..Enjoy ...

Working Docomo Free 3G Gprs Code

HEY FRIENDS THIS TIME I AM GOING TO SHARE TATA DOCOMO WORKING FREE 3G GPRS TRICK CODE.. 

Just send WINDOWS to 54321 an this is it.

after some times you will get a message that your request has been for the free 500 MB free gprs has bees accepted. Your request will be proceded within 48 hours. 

 

 Enjoyy....

Free Live Cricket Scores With Any Operator

NOW GET FREE LIVE CRICKET SCORES IN YOUR MOBILE WITH ANY OPERATOR

HEY FRIENDS IF YOU WANT TO GET LIVE CRICKET SCORES IN YOUR MOBILE THEN JUST GIVE A MISSED CALL TO 18002081021

IT IS AN FREE SERVICE BY TEXTWEB 

NOTE: USE ANY THESE KIND OF TRICK WITH LOW BALANCE DO THAT IF ANYTHING WENT WRONG SO THERE WILL NO BALANCE DEDUCTION ...

 

ENJOY!!!! 

Best 10 free keyloggers download

DOWNLOAD FREE 10 BEST FREE KEYLOGGERS

MANY OF YOU MUST BE KNOWING BUT MANY OF YOU DON'T KNOW THAT WHAT IS A KEYLOGGER SO FIRST OF ALL I AM GOING TO TELL YOU THAT WHAT IS A KEYLOGGER 

 

Software-based keyloggers

A logfile from a software-based keylogger.

These are software programs designed to work on the target computer’s operating system. From a technical perspective there are five categories:

• Hypervisor-based: The keylogger can theoretically reside in a malware hypervisor running underneath the operating system, which remains untouched. It effectively becomes a virtual machine. Blue Pill is a conceptual example.
• Kernel-based: This method is difficult both to write and to combat. Such keyloggers reside at the kernel level and are thus difficult to detect, especially for user-mode applications. They are frequently implemented as rootkits that subvert the operating system kernel and gain unauthorized access to the hardware, making them very powerful. A keylogger using this method can act as a keyboard device driver for example, and thus gain access to any information typed on the keyboard as it goes to the operating system.
• API-based: These keyloggers hook keyboard APIs; the operating system then notifies the keylogger each time a key is pressed and the keylogger simply records it. Windows APIs such as GetAsyncKeyState(), GetForegroundWindow(), etc. are used to poll the state of the keyboard or to subscribe to keyboard events. These types of keyloggers are the easiest to write, but where constant polling of each key is required, they can cause a noticeable increase in CPU usage, and can also miss the occasional key. A more recent example simply polls the BIOS for pre-boot authentication PINs that have not been cleared from memory.
• Form grabbing based: Form grabbing-based keyloggers log web form submissions by recording the web browsing onsubmit event functions. This records form data before it is passed over the Internet and bypasses HTTPS encryption.
• Memory injection based: Memory Injection (MitB)-based keyloggers alter memory tables associated with the browser and other system functions to perform their logging functions. By patching the memory tables or injecting directly into memory, this technique can be used by malware authors who are looking to bypass Windows UAC (User Account Control). The Zeus and Spyeye Trojans use this method exclusively.
• Packet analyzers: This involves capturing network traffic associated with HTTP POST events to retrieve unencrypted passwords.

Remote access software keyloggers These are local software keyloggers with an added feature that allows access to the locally recorded data from a remote location. Remote communication may be achieved using one of these methods:

• Data is uploaded to a website, database or an FTP server.
• Data is periodically emailed to a pre-defined email address.
• Data is wirelessly transmitted by means of an attached hardware system.
• The software enables a remote login to the local machine from the Internet or the local network, for data logs stored on the target machine to be accessed.

Hardware-based keyloggers

A hardware-based keylogger.

A connected hardware-based keylogger.

Main article: Hardware keylogger

Hardware-based keyloggers do not depend upon any software being installed as they exist at a hardware level in a computer system.

• Firmware-based: BIOS-level firmware that handles keyboard events can be modified to record these events as they are processed. Physical and/or root-level access is required to the machine, and the software loaded into the BIOS needs to be created for the specific hardware that it will be running on.

• Keyboard hardware: Hardware keyloggers are used for keystroke logging by means of a hardware circuit that is attached somewhere in between the computer keyboard and the computer, typically inline with the keyboard's cable connector. More stealthy implementations can be installed or built into standard keyboards, so that no device is visible on the external cable. Both types log all keyboard activity to their internal memory, which can be subsequently accessed, for example, by typing in a secret key sequence. A hardware keylogger has an advantage over a software solution: it is not dependent on being installed on the target computer's operating system and therefore will not interfere with any program running on the target machine or be detected by any software. However its physical presence may be detected if, for example, it is installed outside the case as an inline device between the computer and the keyboard. Some of these implementations have the ability to be controlled and monitored remotely by means of a wireless communication standard.

• Wireless keyboard sniffers: These passive sniffers collect packets of data being transferred from a wireless keyboard and its receiver. As encryption may be used to secure the wireless communications between the two devices, this may need to be cracked beforehand if the transmissions are to be read.

• Keyboard overlays: Criminals have been known to use keyboard overlays on ATMs to capture people's PINs. Each keypress is registered by the keyboard of the ATM as well as the criminal's keypad that is placed over it. The device is designed to look like an integrated part of the machine so that bank customers are unaware of its presence.

• Acoustic keyloggers: Acoustic cryptanalysis can be used to monitor the sound created by someone typing on a computer. Each key on the keyboard makes a subtly different acoustic signature when struck. It is then possible to identify which keystroke signature relates to which keyboard character via statistical methods such as frequency analysis. The repetition frequency of similar acoustic keystroke signatures, the timings between different keyboard strokes and other context information such as the probable language in which the user is writing are used in this analysis to map sounds to letters. A fairly long recording (1000 or more keystrokes) is required so that a big enough sample is collected.

• Electromagnetic emissions: It is possible to capture the electromagnetic emissions of a wired keyboard from up to 20 metres (66 ft) away, without being physically wired to it. In 2009, Swiss researches tested 11 different USB, PS/2 and laptop keyboards in a semi-anechoic chamber and found them all vulnerable, primarily because of the prohibitive cost of adding shielding during manufacture. The researchers used a wide-band receiver to tune into the specific frequency of the emissions radiated from the keyboards.

• Optical surveillance: Optical surveillance, while not a keylogger in the classical sense, is nonetheless an approach that can be used to capture passwords or PINs. A strategically placed camera, such as a hidden surveillance camera at an ATM, can allow a criminal to watch a PIN or password being entered.

• Physical evidence: For a keypad that is used only to enter a security code, the keys which are in actual use will have evidence of use from many fingerprints. A passcode of four digits, if the four digits in question are known, is reduced from 10,000 possibilities to just 24 possibilities. These could then be used on separate occasions for a manual "brute force attack."

Anti keyloggers

Main article: Anti keylogger

An anti keylogger is a piece of software specifically designed to detect keyloggers on a computer, typically comparing all files in the computer against a database of keyloggers looking for similarities which might signal the presence of a hidden keylogger. As anti keyloggers have been designed specifically to detect keyloggers, they have the potential to be more effective than conventional anti virus software; some anti virus software do not consider certain keyloggers a virus, as under some circumstances a keylogger can be considered a legitimate piece of software

One-time passwords (OTP)

Using one-time passwords may be keylogger-safe, as each password is invalidated as soon as it's used. This solution may be useful for someone using a public computer, however an attacker who has remote control over such a computer can simply wait for the victim to enter his/her credentials before performing unauthorised transactions on their behalf while their session is active.





NOW THE KEYLOGGERS TO DOWNLOAD FOR FREE

1. REFOG Free Edition

Refog Free Keylogger beats competition in two respects: it’s simple to use and it’s free. REFOG Free Keylogger can look after your children without them even noticing. Even technically minded children won’t detect the key logger when it runs in a stealth mode. The program removes all the shortcuts and can be accessed only through a hot key combination. Running unobtrusively from the moment the system boots, REFOG Free Keylogger keeps track of all typed or pasted text.

     

 Download

 

 

2. Black box express [BEST ACCORDING TO ME]

Simple to use monitoring of one local computer; Monitor Screen recordings, Programs, Keystrokes typed, Websites, Web Searches, Emails/Webmails/ Instant Messenger Chat sent and received. Alerts and Warnings instantly or as a summary on your e-mail or cell phone. everything for 100% Free. No strings attached.

Download

3. Personal keylogger [EASY TO USE]

The Personal Keylogger application was designed to be a small tool that will allow you to secretly record all keystrokes and other input. All specific instructions are explained in the application. To exit it and receive your logs, you will need to enter in your keycode. If you have forgotten your keycode, you will need to restart the computer. Keycode is like password. To stop Personal keylogger, you can enter your keycode anywhere on the screen. Once you type-in your keycode, the keylogger will stop monitoring and the log.txt file will be created in your selected destination folder.

Download

4. Py keylogger

PyKeylogger is an easy-to-use and simple keylogger written in python. It is primarily designed for backup purposes, but can be used as a stealth keylogger, too. It does not raise any trust issues, since it is a short python script that you can easily examine. It is primarily designed for personal backup purposes, rather than stealth keylogging. Thus, it does not make explicit attempts to hide its presence from the operating system or the user. That said, the only way it is visible is that the process name shows up in the task list, so it is not  immediately apparent that there is a keylogger on the system.
Download

5. Heretic Macro

Heretic is a powerful tool that is able to record user events, such as mouse clicks and keys, into a C/Java-like script, and play that script either once or repeatedly. It has many commands for dynamic pixel-based botting, window based botting, and static botting/macro-ing (i.e. key presses, mouse clicks, mouse moves, and pauses).

Download

6. Ultimate Keylogger

Ultimate Keylogger Free is a free popular all-round monitoring solution. It runs in the background and monitors all typed keystrokes, applications, passwords, clipboard, email, and visited websites’ URLs. You can view the reports as HTML files. Ultimate Keylogger Free will help you to find out, what exactly took place in the system.

Download

7. Actual keylogger

It runs hidden in the background and automatically records all keystrokes (including Alt, Ctrl and other functional buttons). The interface can be password protected and the log files are encrypted. You can view the reports as HTML or plain text. In the hidden mode it is invisible in all operating systems.

Download

8. Revealer Keylogger Free Edition

Revealer Keylogger is surely the easiest and faster way to record keyboard inputs. There is almost nothing to configure, in fact everything is configured internally with the best settings. Free keylogger monitoring tool that logs every keystroke even passwords behind asterisks and conversations in common instant messengers. Its interface is password protected, the software does not appear in Add/Remove programs or in the taskbar.

Download

9. Romaco Keylogger

Romaco Keylogger is a small and easy to use tool that can log all key-presses that are made while it is running, and display them to you in its window. It automatically exports the logged text to a text file every 5 minutes, or manually. It can be hidden at the click of a button, and recalled by vigorously pressing one of the least used keys on the keyboard, the break key.

Download

10. KidLogger

KidLogger collects user activity journal on the Computer and creates detailed Analysis of the user activity available online. Creates the list of most used web sites. Record the text was typed on the keyboard in any application

Download

DOWNLOAD ANY OF THEM AND ENJOY !!!!!

Hack A Facebook Friend IP

  HACK A FACEBOOK FRIEND IP WHILE CHATTING

 

HI FRIENDS !! WE NORMALLY CHAT ONLINE WITH RANDOM PEOPLES MANY OF US DO .. BUT SOMETIMES WHEN WE CHAT WITH RANDOM PEOPLE THEN THEY DO SOMETHING WRONG LIKE ABUSE OR BULLYING ..... FOR THAT I AM GOING TO TELL YOU THE TRICK TO HACK THEIR EXACT POSITION ....

To Do so we will be using “netstat” command in windows. If you want to know the IP address of a specific person on facebook or orkut or any chat service, there is only one way: Just invite or ping him for a chat and while chat is ON open ‘Command Prompt‘ on your PC (Start >Run>cmd).
note: before trying this make sure you close all the other tabs in your browser. and only facebook is open. also if possible delete all the history and cache from your browser.


When command prompt opens Type the following command and hit Enter.

netstat -an

And you will get all established connections IP addresses there. Note down all the suspicious IP’s

The Next Step is to Trace that user using his IP address.

Their are many websites to trace location by ip....... if you know any of them  then you may go their but if you don't know then you can google it.. 

Have fun guys....

Ultoo Hack To Send 50 SMS With A Single Click

hey friends !! i have already shared some websites to earn free recharge.. .. there was a Website Ultoo which will give you money (20 Paise ) by sending one sms but now i have just got to know about a website by which you can send 50 sms at a click .. just follow the steps 

• first of all if you are not registered to Ultoo just click here.

  then open this website http://ultoo.lekhu.in/.

  now you will be able send 50 messages at once by ultoo 

  and you can earn rs 1 by sending 50 messages at a time.

   

   

  Enjoy!!!  

How to Recover Deleted Files

Hi friends .. Today i am going to share a great trick many of you must be knowing of it but many of you are not ... many times we permanently delete some files which are important..iam going to share a trick to recover those deleted files.

Here i am going to share some software from which you can recover your rermanently deleted files. 

1. Pandora Recovery
      Pandora Recovery is an excellent free file recovery software program. It’s super easy to use and has the best wizard to help you undelete files that I’ve seen in any file recovery app.
A more advanced “Surface Scan” is available in Pandora Recovery that should recover more files than the standard search as long as they are of a popular format.
Pandora Recovery will undelete files from hard drives, memory cards, etc. Nearly anything that stores files that you can also connect to your PC should be supported.

Download

2. Recuva

Recuva is the very best free file recovery software available, hands down. It’s very easy to use but has many optional advanced features as well.
Recuva can recover files from hard drives, external drives (USB drives, etc.) and memory cards. Recuva can even undelete files from your iPod!
Recuva will undelete files in Windows 7, Vista, XP, Server 2008/2003, and older Windows versions like 2000, NT, ME and 98. 64-bit Windows versions are also supported. There is also a 64-bit version Recuva available.
Piriform provides both an installable and a portable version of Recuva. I tested file recovery with Recuva using their portable version in Windows 7.

Download

 3. Free Undelete

FreeUndelete is self explanatory – it’s free and it undeletes files! FreeUndelete is another great file recovery tool, very similar to other undelete utilities.
The major advantage of FreeUndelete is its easy to use interface and “folder drill down” functionality (i.e. files available for recovery are not listed in a big, unmanageable listing).
FreeUndelete will recover files from hard drives, memory cards, and other similar storage devices in or connected to your PC.

Download

4. EASEUS Deleted File Recovery

EASEUS Deleted File Recovery is another great file undelete program. Recovering files is very easy to do with just a few clicks.
My favorite aspect of EASEUS Deleted File Recovery is that the user interface is structured much like Windows Explorer. While that may not be everyone’s ideal way to display files, it’s a very familiar interface that most people are comfortable with.
EASEUS Deleted File Recovery will undelete files from hard drives, optical drives, memory cards, and pretty much anything else that Windows sees as a storage device.

Download

5. Undelete Plus

Undelete Plus is a great free file recovery program but the program could use a serious face lift. The user interface needs work (i.e. some prominent buttons don’t seem to do much) but overall it’s an effective file recovery tool.
Undelete Plus can recover files from hard drives, external drives, and memory cards. Any drive using any popular file system should be accessible by Undelete Plus.
Undelete Plus will undelete files in Windows 7, Vista, XP, Server 2003, 2000, NT.
If you’ve been unsuccessful recovering files using other undelete programs on my list, try Undelete Plus. I don’t think it’s the best file recovery program out there but it might be the one that helps get your file back.

Download

 Have fun friends !! you can comment your problems.......... .

Some Websites To Get Free Recharge

Hi friends !! this post is specially for those who love to recharge online .........just open any one of the following websites and do the simple tasks or play game or quizes and earn free recharges online.Here are some names of the free recharge websites.

1.   Amulyam

2.   Ultoo .com 

3.   Onlinegamesnow

4.   Pickzup

5.   Rosevol

6.   Chatar-patar

7.   Bigmazaa          

8.   Embeepay

9.   Talktym 

   10.  Way2sms

    

   Open Any Of Them And Start Earning Your Recharges !!
   

 

IP Hacking

IP Address: On the Internet, each computer system is identified by its IP address. The work we do on the Internet is associated with the IP address of the system we are using. We know that every request or response process on the Internet is done on packets. The basic protocol for information exchange over the Internet is TCP/IP.

TCP stands for Transmission Control Protocol and IP stands for Internet Protocol (IP). When we request a webpage or other resource from a server the request is sent in the form of a TCP/IP packet. This packet contains some information about the request, source and destination, along with the data being sent. The source and destination keeps the IP address of the sender and receiver.

What is IP spoofing: IP spoofing is the process of replacing the source IP address with a fake IP address from the IP packets to hide the real identity of the sender. The source address is the address of the computer that the packet was sent from. By changing the address in the packet an attacker can make it appear that the packet was sent by a different computer system.

Figure 1: IP spoofing

See the above figure. Two computers, victim and partner, were communicating with each other. In the meantime, a sender (the attacker) also tries to communicate with the victim by forging the IP address and tries to fool the victim with the fake IP address of the partner. So the victim computer thinks that the packets came from the partner computer while we can see the original sender is the sender system which in this case is the attacker.

The term spoofing is also sometimes used to refer to header forgery because attacker forges the header of the packets with fake information.

This process is used to send fake mail, requests or other information with a fake IP address to mislead others about the information being sent. Hackers often use IP spoofing for sending spam mail and denial of service attacks. This protects the real identity of the hacker because the IP address sent with the packet belongs to someone else. When a machine replies to a spoofed packet, the response is sent back to the forged source address. So IP spoofing is used in an attack when the attacker does not care about the response.

How it works

Internet Protocol (IP) Packets

Internet Protocol is a network protocol operating at Layer 3 (network layer) of the OSI model. Each IP packet sent contains a header with the data. The header contains some information about the sender, receiver, and other things.

Figure 2: IP packet

The header part contains additional information including the IP address of sender and receiver. The data part contains the data being sent.

Figure 3: IP Header

We can see the structure of the IP header in Figure 2. It contains much useful information about the packet. We can see the fields for SOURCE IP ADDRESS and DESTINATION IP ADDRESS. Here the source IP address, the IP address of the sender’s machine, and the destination IP address is the IP address of the receiver’s machine.

Transmission Control Protocol (TCP):

TCP stands for the connection-oriented, reliable transport protocol in the TCP/IP suite. It uses 3-way handshaking (SYN-SYN/ACK-ACK) to establish the connection. In this protocol, reliability is provided by sequence numbers and acknowledgement. See the second and third row for sequence numbers and acknowledge number fields. TCP assigns sequence numbers to every segment and acknowledges all data segments received from the other end.

Figure 4: TCP Header

By forging the header of the packet, we can make a fake IP address appear in the source IP address part.

Some tools used in IP spoofing

How to spoof IP address:

Here I am going to show IP spoofing with the help of NMap. Nmap is also known as Network Mapper. This tool is a free and open source (license) utility for network exploration or security auditing.

First of all you need to select the interfaces to spoof from. To do this, run the command

Nmap –iflist

Use the “–e” argument in the interface you have selected. The “–S” parameter can be used to specify the IP address that nmap will use as the source address. It can be our real IP address or we can spoof the IP address.

nmap -e eth0 -S 192.168.1.100 192.168.1.109

In the above command, I have used the eth0 interface and spoofed a source IP of 192.168.1.10, while scanning 192.168.1.32.

Application of the attack: This attack is widely used in Denial of Service attacks. In denial of service attacks an attacker floods the victim with large amounts of traffic. In this example, an attacker does not care to receive the responses from sent packets. Using packets with spoofed addresses is an advantage for the attack as the attacker can send packets with many different spoofed addresses. This makes it hard to filter the packets, as they seem to come from different sources. Attackers use random sequences of IP addresses to send spoofed packets in the Denial of Service attack. This attack is impossible to filter on the systems which rely on the validity of the source IP address in attack packets.

IP spoofing is also an effective way to defeat the networks which use IP address-based authentication. This attack is easy to inflict on corporations which have internal systems that trust each other’s systems based on the IP address. By spoofing a connection from a trusted machine, an attacker may be able to access the target machine without authentication.

Attacks that are launched through IP spoofing

There are a few variations on the types of attacks that successfully employ IP spoofing. Although some are relatively dated, others are very pertinent to current security concerns.

Non-Blind Spoofing

Non-Blind Spoofing attacks work on those networks where the attacker and victim are on the same subnet. In this situation, the attacker can sniff the network packets to know the sequence and acknowledgement numbers being sent in the packets. The biggest threat of spoofing in this type of attack would be session hijacking. This can be done by corrupting the data stream of an established connection with a valid user, then re-establishing the connection based on the correct sequence and acknowledgement numbers with the attack machine. Here the attacker can easily bypass the authentication mechanisms because he has the correct sequence and acknowledgement numbers – and guessing these is the hardest part.

Blind Spoofing

This attack is complicated and difficult in comparison to the Non-Blind attack because the sequence and acknowledgement numbers cannot be sniffed. In order to get the correct sequence number and acknowledgement, the attacker will send several packets to the target machine, guessing sequence and acknowledgement numbers in order to sample sequence numbers. A few years back machines used formula based sequence number generators, so it was easy to generate the formula by analyzing just a few packets and TCP sessions. But nowadays these sequence numbers are generated randomly to make it unpredictable. After sending several packets there may be a possibility to guess the right sequence number. This attack takes a great deal of time and has a lesser probability of success.

Man-in-the-Middle Attack

The man-in-the-middle attack (MITM) is a common security violation that is formed by both types of spoofing we have discussed above. In this attack, an attacker intercepts a legitimate communication between two machines (server and client).Then, the attacker controls the flow of data. He can alter the information being exchanged by two machines without the knowledge of either the original sender or the recipient.

Denial of Service Attack

Denial of service is the main attack which uses IP spoofing and are the most difficult to defend against. In this attack the attacker only tries to consume the bandwidth and resource of a server. The attacker does not care about the response, so they need not worry about properly completing handshakes and transactions. In this attack an attacker only wishes to flood the victim’s machine with as many packets as possible in a short amount of time in order to make the victim’s machine inaccessible to valid users. The attacker uses random-source IP addresses to send packets to the target machine to make tracing and stopping the DoS as difficult as possible. Most of the servers use IP block mechanisms to prevent this type of flooding. Using random spoofed IP easily bypasses those security mechanisms.

Services vulnerable to IP spoofing

Configurations and services that are vulnerable to IP spoofing:

• RPC (Remote Procedure Call services)
• Any service that uses IP address authentication
• The X Window System
• The R services suite

Most popular tools used to modify packet headers:

Tools – For Windows

• Engage Packet Builder – Scriptable packet builder for Windows
• HPing – Command-line oriented TCP/IP packet assembler/analyzer
• Nemesis – Command-line portable IP stack
• PacketExcalibur – Graphical and scriptable network packet engine
• Scapy – Interactive packet manipulation tool
• Spoofer – IP Spoofing Tester
• Colasoft Packet Builder – Tool for creating custom network packets
• Colasoft Packet Player – Packet replay tool
• NMap – Utility for network exploration and security auditing

Tools – For Linux

• LSRscan – Loose Source Route Scanning Tool
• Scapy – Interactive packet manipulation tool
• Spoofer – IP Spoofing Tester
• Yersina – Tool to exploit weaknesses’ in different network protocols
• Sendip – Send completely arbitrary packets out over the network
• HPing – Command-line TCP/IP packet assembler/analyzer
• IRPAS – Internetwork Routing Portocol Attack Suite (File2Cable etc.)
• LSRtunnel – Loose Source Route Tunneling Tool
• Nemesis – Command-line portable IP stack
• NMap – Utility for network exploration and security auditing
• PacketExcalibur – Graphical and scriptable network packet engine

Defenses against IP Spoofing

There are a few precautions that can be taken to prevent IP Spoofing attacks on the network:

Filtering packets at the Router - Implementing ingress and egress filtering on your routers is the best defense against the IP spoofing attack. Ingress filtering is the process of blocking packets from outside the network with a source address inside the network. Egress filtering is the blocking of packets from inside the network with a source address that is not inside. You will also need to implement an ACL (access control list) that blocks private IP addresses on your downstream interface. On the upstream interface you should restrict source addresses outside of your valid range, which will prevent someone on your network from sending spoofed traffic to the Internet.

Encryption and Authentication - Implementing encryption and authentication will also reduce spoofing threats. Both of these features are included in IPv6, which will eliminate current spoofing threats. Host IP based authentication must not be used based on the IP address. It is recommended to design network protocols and services so that they do not rely on the IP source address for authentication.

Conclusion: IP spoofing is really easy because there are many tools available which allow users to edit packets and send packets from the IP. So performing IP spoofing is really simple, which leads to some big hacking operations. Although many servers have secure mechanisms to prevent spoofed packets, all those mechanisms are limited. Most of the networks still does not consider this attack. So their authentication based on IP address fails.

If we take a look at recent DOS attacks, most of the attackers are still untraceable because they have used IP spoofing to perform the attack and to prevent their real identity. So server administrators and network administrators must consider this attack while designing the security rules for their servers and networks. By considering some points, it’s easy to identify the forged packet with fake IP addresses.