IP address forgery, host file hijack or spoofing are hijacking methods in which a malicious party impersonates as a trusted host provider, for the purposes of accessing any browser, website or network. Typically, the IP address of a legitimate host is obtained with the intent of spamming, traffic theft or outright service attacks. With the packet headers being altered, the legitimate host appears to be the source.
Is My Computer At Risk?
First step, log onto your router checking the configuration setting via web interface. Considering the various brands of routers out on the market, consult the user manual. However many can be accessed from the default IP address 192.168.1.1. Once this is complete, review each setting until arriving at the Network Address Translation (or NAT) option. Turn off the capability which allows NAT-PMP on untrusted network interfaces.
Prevention is key, so be proactive! Reversing the effects of such attacks can prove to be expensive and time consuming. Here are a few tips:
1. Verify the security of your router. Be certain to change the factory default username/password. Go to the browser address bar and enter 192.168.1.1.
2. Always utilize a SSL certificate and establish a session timeout.
3. Adding a series of numbers into your session cookie and encrypt. Change this frequently, reissuing the cookie. Attackers will likely use an earlier intercepted cookie with the incorrect number, causing the password to expire.
4. Reset proxy settings and double-check your browser’s home page.
5. Enable Firewall Protection. This is best defense against hostile attacks coming from the web. Be sure that it does not block the 192.168.1.1 connection. This is needed for internet access
Following these steps, along with the manufacturer guidelines, will go a long way in decreasing vulnerability to security attacks.