Sau chữ an toàn thưởng có chữ bảo mật để mở rộng khía cạnh đảm bảo bí mật về nội dung thông vậy, an toàn bảo mật hệ thống thông tin là đảm bảo hoạt động lưu thông và nội dung bí mật cho những thành phần của hệ thống ở mức độ chấp nhận được. | IP address spoofing IP fragmentation attack network ID and subnet mask uses IP address restriction. Access may then be either allowed or denied for each address or block of addresses. Another example is the Apache Web server where access to Web content can be controlled using IP addresses by configuring the .htaccess file on UNIX platforms. IP address restriction is considered a weak form of access control since attackers may be able to circumvent such restrictions by spoofing the source addresses of IP packets. Notes A related method of controlling access is domain name restriction which restricts access based on the Domain Name System DNS domain to which the host trying to obtain access belongs. See Also access control .htaccess IP address spoofing Rlogin spoofing IP address spoofing The process of falsifying the source Internet Protocol IP address of IP packets. Overview IP address spoofing or simply IP spoofing is a method used by intruders to impersonate trusted systems. By default routers generally ignore source IP addresses when routing packets and they use only destination IP addresses to ensure packets reach their intended destination. The result is that an attacker who forges IP packets containing source addresses of trusted systems may be able to circumvent router security and initiate denial of service DoS attacks redirect traffic or hijack sessions using man-in-the-middle MITM attacks. IP spoofing is especially a hazard on UNIX platforms running such applications as Rsh or Rlogin that authenticate connections using source IP addresses stored in .rhosts files. IP address authentication is a weak form of authentication supported by many UNIX applications and should be replaced by password authentication to ensure security. The standard approach for preventing IP spoofing attacks is to configure ingress filters on routers or firewalls in order to deny any inbound traffic whose source address is from a trusted host on your internal network. When an .