Trusting Self-reported IP Address |
Compound Element ID: 291 (Compound Element Variant: Composite) | Status: Incomplete |
Description Summary
The use of IP addresses as authentication is flawed and can easily be spoofed by malicious users.
Extended Description
As IP addresses can be easily spoofed, they do not constitute a valid authentication mechanism. Alternate methods should be used if significant authentication is necessary.
Scope | Effect |
---|---|
Authentication | Malicious users can fake authentication information, impersonating any IP address. |
Example 1
(Bad Code)
Example Languages: C and C++
sd = socket(AF_INET, SOCK_DGRAM, 0);
serv.sin_family = AF_INET;
serv.sin_addr.s_addr = htonl(INADDR_ANY);
servr.sin_port = htons(1008);
bind(sd, (struct sockaddr *) & serv, sizeof(serv));
while (1) {
memset(msg, 0x0, MAX_MSG);
clilen = sizeof(cli);
if (inet_ntoa(cli.sin_addr)==...) n = recvfrom(sd, msg, MAX_MSG, 0, (struct sockaddr *) & cli, &clilen);
}
(Bad Code)
Example Language: Java
while(true) {
DatagramPacket rp=new DatagramPacket(rData,rData.length);
outSock.receive(rp);
String in = new String(p.getData(),0, rp.getLength());
InetAddress IPAddress = rp.getAddress();
int port = rp.getPort();
if ((rp.getAddress()==...) & (in==...)) {
out = secret.getBytes();
DatagramPacket sp =new DatagramPacket(out,out.length, IPAddress, port); outSock.send(sp);
}
}
Phase: Architecture and Design Use other means of identity verification that cannot be simply spoofed. Possibilities include a username/password or certificate. |
Ordinality | Description |
---|---|
Resultant | (where the weakness is typically related to the presence of some other weaknesses) |
Nature | Type | ID | Name | View(s) this relationship pertains to |
---|---|---|---|---|
Requires | Weakness Base | 348 | Use of Less Trusted Source | Research Concepts1000 |
Requires | Weakness Base | 471 | Modification of Assumed-Immutable Data (MAID) | Research Concepts1000 |
ChildOf | Weakness Base | 290 | Authentication Bypass by Spoofing | Development Concepts (primary)699 Research Concepts (primary)1000 |
PeerOf | Weakness Variant | 292 | Trusting Self-reported DNS Name | Research Concepts1000 |
PeerOf | Weakness Variant | 293 | Using Referer Field for Authentication | Research Concepts1000 |
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
CLASP | Trusting self-reported IP address |
CAPEC-ID | Attack Pattern Name | (CAPEC Version: 1.4) |
---|---|---|
4 | Using Alternative IP Address Encodings |