Implementación de controles para el diseño de redes que minimicen el impacto de las vulnerabilidades basadas en direcciones ip

Abstract

IP is a protocol of communication not save at all because it doesn’t guarantee the transference of packages from his origin direction until his destination, giving it different vulnerabilities that can be exploited for attacks such as: Man-in-the-middle (MITM), IP address suplantation, Denial of distributed service “Smurf”. This attacks are produced because of the poor security sending the packets ICMP through the network letting it been intercepted by a third person the that can modify or deleted any data, compromising security, integrity and disponibility of the information in the network. With the help of tools Ettercap and Hping3 it was possible to simulated this type of attacks inside a virtual environment (example) the one was designed by the usage of GNS3 where it could be emulated the network connection and VirtualBox for the virtualization of many hosts the one hat facilities the identification of necessary controls. The solution is based in an exhaustive research and analysis control that consist in the incrementing of security in the host network clients and level of the router, in the first ones we implement a control in the level of the table ARP and in the second one by the creation of access control list (ACL) for the purpose of ensuring that protocol IP protection is present in the real environment. Implemented the solution in the network, we got the evidence that the implemented controls prevent the correct operation of the network from being affected.