IP crime has been around as long as the internet because the IP, or Internet Protocol, is the mechanism that allows the internet to work. We should distinguish two meanings of the term: Internet Protocol crime is where the Internet Protocol is criminally misused in the commission of a crime, whereas Intellectual Property Crime (also confusingly known as “IP Crime”) refers to the criminal misuse of intellectual property, such as illegal duplication of compact or digital video disks.
To understand IP Crime, we need to understand what an IP address is and how the internet and the machines and hardware which go to form the infrastructure make use of them.
Every machine connected to the internet (computers, laptops, cell phones, routers, printers and many more) has an assigned IP address. You may have already seen an IP address; they typically look like this:
255.12.36.99
Four sets of numbers separated by three dots. The dots have no significance and are there to let humans read the numbers more easily. The computer does not use these numbers as we see them but uses their “binary” equivalent; without going into detail, this is simply a numbering system which uses only two digits, 0 and 1. Whenever machines are talking to each other or simply passing on information as part of the network which allows the internet to operate, they do this by using IP addresses.
The issue is that IP addresses can very easily be replicated or “spoofed”. This means that a machine used by a criminal can tell another machine, such as your laptop, that it has an IP address which the target knows is “friendly”. The target is therefore happy to communicate and share some, and we stress only some, information, but this opens a chink in the security of the target. By being allowed a small degree of access to a target machine, a criminal gains a foothold which, if security is not tight enough or if the criminal’s technical expertise is up to the task, allows greater exploitation.
This ability to “spoof” an IP address makes use of the weak authentication inherent in the IP system. This means that your computer or network security must be imposed at a higher level than the IP address, and typically this involves cryptographic techniques which are embedded into applications which you use.
By sending spoofed IP information, the criminal may be able to get the target machine or network to perform some action which allows further entry or stops other security protections from operating. Some applications still rely on IP address information, and they are susceptible to coming under the control of an attacker who has that information. Examples include cases where login is processed at the IP address level and the hacker is given access to the system or an application simply because they possess the IP address which unlocks its security.
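The contrast between address-based trust and authentication imposed at the application level, as an added example that is not part of the original article: the trusted network range, the shared key and the request fields are constructed assumptions, and HMAC-SHA256 stands in for "cryptographic techniques" in general.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample values for illustration only.
TRUSTED_NETWORK = ipaddress.ip_network("192.0.2.0/24")  # documentation range
SHARED_KEY = b"constructed-demo-key-not-for-production"


def allow_by_source_ip(claimed_source_ip: str) -> bool:
    """Weak check: trusts whatever source address the request claims."""
    return ipaddress.ip_address(claimed_source_ip) in TRUSTED_NETWORK


def sign(message: bytes, key: bytes = SHARED_KEY) -> str:
    """Sender side: compute an HMAC-SHA256 tag over the message."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def allow_by_hmac(message: bytes, tag: str, key: bytes = SHARED_KEY) -> bool:
    """Stronger check: the sender must prove knowledge of the shared key."""
    expected = sign(message, key)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected, tag)


def evaluate(request: dict) -> dict:
    """Run both checks on one request and report each decision."""
    return {
        "ip_only": allow_by_source_ip(request["source_ip"]),
        "hmac": allow_by_hmac(request["body"], request["tag"]),
    }


# Constructed requests: one from a genuine key holder, and one that only
# claims a trusted source address and carries a tag made without the key.
GENUINE = {"source_ip": "192.0.2.10", "body": b"action=status",
           "tag": sign(b"action=status")}
SPOOFED = {"source_ip": "192.0.2.10", "body": b"action=status",
           "tag": "0" * 64}

if __name__ == "__main__":
    print("genuine:", evaluate(GENUINE))
    print("claimed trusted address, no key:", evaluate(SPOOFED))
```

The address check accepts both requests, while the keyed check accepts only the one whose sender holds the key. A deployed protocol would also bind a nonce or timestamp into the signed message so a captured request cannot be replayed.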
IP Session Hacking is another form of IP crime which requires a greater degree of sophistication than IP spoofing. Nevertheless, it is a very dangerous form of attack because the user is unaware that control of their machine has been taken away from them. An example is where a user is writing an email and, in the middle of the email, the session is hijacked by the criminal, but what the user sees is that they have been logged off or have lost a connection. Such drops do happen, so they simply log back on again and continue, blissfully unaware that everything they do on the machine can now be done by the hijacker, such as accessing online banking or opening sensitive documents.
Author Resource:
Lawrence Reaves works for PLANIT Technology Group, a leading provider of Richmond IT Services such as Richmond enterprise storage and Richmond network security. PLANIT can be found online at: http://www.planittech.com .