prev
next
out of 29

Spoofing 1

Embed Size (px)

Citation preview

  • 8/2/2019 Spoofing 1

    1/29

    WHAT YOU SEE

    IS NOT

  • 8/2/2019 Spoofing 1

    2/29

    KALLOL CHAKMA

    MCE-04505189

    DEBARGHYA KUNDU SETU

    MCE-04505187

    MD. HEDAYET HOSSAIN

    MCE-04505191

  • 8/2/2019 Spoofing 1

    3/29

    Spoofing is the action of making somethinglook like something that it is not in order to

    gain unauthorized access to a user's privateinformation.

    The term spoofingis also sometimes used to

    refer to header forgery.

  • 8/2/2019 Spoofing 1

    4/29

    The context of network security, a spoofing

    attack is a situation in which one person orprogram successfully masquerades as anotherby falsifying data and thereby gaining anillegitimate advantage.

  • 8/2/2019 Spoofing 1

    5/29

    IP address spoofing Email spoofingCaller ID spoofing Website spoofingMAC spoofing ARP spoofingDNS spoofing Protocol spoofingSMS spoofing Login spoofing

    http://en.wikipedia.org/wiki/IP_address_spoofinghttp://en.wikipedia.org/wiki/Email_spoofinghttp://en.wikipedia.org/wiki/Caller_ID_spoofinghttp://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/ARP_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/ARP_spoofinghttp://en.wikipedia.org/wiki/ARP_spoofinghttp://en.wikipedia.org/wiki/ARP_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/Caller_ID_spoofinghttp://en.wikipedia.org/wiki/Caller_ID_spoofinghttp://en.wikipedia.org/wiki/Caller_ID_spoofinghttp://en.wikipedia.org/wiki/Email_spoofinghttp://en.wikipedia.org/wiki/Email_spoofinghttp://en.wikipedia.org/wiki/Email_spoofinghttp://en.wikipedia.org/wiki/IP_address_spoofinghttp://en.wikipedia.org/wiki/IP_address_spoofinghttp://en.wikipedia.org/wiki/IP_address_spoofing

  • 8/2/2019 Spoofing 1

    6/29

    IP address spoofing or IP spoofing refers to the

    creation of Internet Protocolpackets with a forged

    source IP address, called spoofing, with the

    purpose of concealing the identity of the sender or

    impersonating another computing system.

    http://en.wikipedia.org/wiki/Internet_Protocolhttp://en.wikipedia.org/wiki/Packet_(information_technology)http://en.wikipedia.org/wiki/IP_addresshttp://en.wikipedia.org/wiki/IP_addresshttp://en.wikipedia.org/wiki/Packet_(information_technology)http://en.wikipedia.org/wiki/Internet_Protocol

  • 8/2/2019 Spoofing 1

    7/29

    Email spoofing may occur in different forms,but all have a similar result: a user receivesemail that appears to have originated from onesource when it actually was sent from another

    source. Email spoofing is often an attempt totrick the user into making a damagingstatement or releasing sensitive information

  • 8/2/2019 Spoofing 1

    8/29

    Caller ID spoofingis the practice of causingthe telephone network to display a number onthe recipient's Caller ID Display that is not

    that of the actual originating station.

  • 8/2/2019 Spoofing 1

    9/29

    Web spoofing is a kind of electronic con gamein which the attacker creates a convincing butfalse copy of the entire World Wide Web. The

    false Web looks just like the real one: it has allthe same pages and links. However, theattacker controls the false Web, so that allnetwork traffic between the victims browser

    and the Web goes through the attacker.

    http://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/Website_spoofinghttp://en.wikipedia.org/wiki/Website_spoofing

  • 8/2/2019 Spoofing 1

    10/29

    The MAC address of the network card is a

    unique identifier assigned to each Ethernet

    card. Network administrators can locally

    find the MAC address of a machine by either

    sniffing traffic from the wire or bydownloading ARP tables from routers.

    Therefore, hackers on internal networks

    (such as corporations or universities) will

    often try to hide their MAC address.

    http://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofinghttp://en.wikipedia.org/wiki/MAC_spoofing

  • 8/2/2019 Spoofing 1

    11/29

    ARP spoofingis a computer hacking techniquewhereby an attacker sends fake orspoofed ADDRESS RESOLUTION

    PROTOCOL messages onto a Local AreaNetwork. Generally, the aim is to associate theattacker's MAC Address with the IP Address ofanother host (such as the default gateway),

    causing any traffic meant for that IP address tobe sent to the attacker instead.

  • 8/2/2019 Spoofing 1

    12/29

    DNS spoofing(or DNS cache poisoning) isa computer hacking attack, whereby data isintroduced into a Domain Name

    System (DNS) name servers cache database,causing the name server to return anincorrect IP Address ,diverting traffic toanother computer (often the attacker's)

    http://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofinghttp://en.wikipedia.org/wiki/DNS_spoofing

  • 8/2/2019 Spoofing 1

    13/29

    Protocol spoofingis used in datacommunications to improve performance insituations where an existing protocol is

    inadequate, for example due to long delays orhigh error rates.

    http://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofinghttp://en.wikipedia.org/wiki/Protocol_spoofing

  • 8/2/2019 Spoofing 1

    14/29

    SMS spoofingis a relatively new technologywhich uses the (SMS), available on most mobilephones and personal digital assistants, to set

    who the message appears to come from byreplacing the originating mobile number(Sender ID) with alphanumeric text.

    http://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofinghttp://en.wikipedia.org/wiki/SMS_spoofing

  • 8/2/2019 Spoofing 1

    15/29

    Login spoofingare techniques used to steal auser's password. The user is presented with anordinary looking login prompt for username

    and password, which is actually a maliciousprogram, usually called a Trojan Horse underthe control of the attacker. When the usernameand password are entered, this information is

    logged or in some way passed along to theattacker, breaching security.

    http://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/Login_spoofinghttp://en.wikipedia.org/wiki/Login_spoofing

  • 8/2/2019 Spoofing 1

    16/29

    IP spoofing is a technique used to gainunauthorized access to computers, where bythe attacker sends messages to a computer with

    a forging IP address indicating that themessage is coming from a trusted host.

    Attacker puts an internal, or trusted, IP addressas its source. The access control device sees the

    IP address as trusted and lets it through.

  • 8/2/2019 Spoofing 1

    17/29

    Uses for IP spoofing include thefollowing: IP spoofing is usually limited to the

    injection of malicious data orcommands into an existing stream ofdata.A hacker changes the routing tables to

    point to the spoofed IP address, thenthe hacker can receive all the networkpackets that are addressed to thespoofed address and reply just as anytrusted user can.

  • 8/2/2019 Spoofing 1

    18/29

    Basic Concept of IP Spoofing

    A

    10.10.10.1

    www.carleton.ca

    134.117.1.60

    http://www.carleton.ca

    10.10.10.1

    Src_IP

    134.117.1.60

    dst_IP

    Any (>1024)

    Src_port

    80

    dst_port

    11.11.11.1

    Src_IP

    134.117.1.60

    dst_IP

    Any (>1024)

    Src_port

    80

    dst_port

    spoofed

  • 8/2/2019 Spoofing 1

    19/29

    sender

    victim

    partner

    Oh, my partner sentme a packet. Ill

    process this.

  • 8/2/2019 Spoofing 1

    20/29

    Man-in-the-Middle attack In a Man-in-the-Middle attack, the message sent to a

    recipient is intercepted by a third-party whichmanipulates the packets and resends it ownmessage.

    Denial of Service (DoS) Attack A DoS attack is when a attacker floods a system with

    more packets than its resources can handle.

  • 8/2/2019 Spoofing 1

    21/29

    If you monitor packets using network-monitoringsoftware such as netlog, look for a packet on yourexternal interface that has both its source anddestination IP addresses in your local domain. If you

    find one, you are currently under attack.

  • 8/2/2019 Spoofing 1

    22/29

    Monitoring packets using network monitoringsoftware.

    Installing a filtering router because Packet

    filtering is one defense against IP spoofingattacks

    It is also recommended to design networkprotocols and services so that they do not relyon the IP source address for authentication.

  • 8/2/2019 Spoofing 1

    23/29

    To prevent IP spoofing happen in your network, thefollowing are some common practices:

    1- Avoid using the source address authentication. Implementcryptographic authentication system-wide.

    2- Configuring your network to reject packets from the Net thatclaim to originate from a local address.

    If you allow outside connections from trusted hosts, enable

    encryption sessions at the router.

  • 8/2/2019 Spoofing 1

    24/29

    Email spoofing is email activity in which thesender address and other parts of the emailheader are altered to appear as though the emailoriginated from a different source. Because core

    SMTP doesn't provide any authentication, it iseasy to impersonate and forge emails.

    Altering the header of an email so that the emailappears to be sent from someone else.

    Although there are legitimate uses, thesetechniques are also commonly used in spam andphishing emails to hide the origin of the emailmessage.

  • 8/2/2019 Spoofing 1

    25/29

    Really?

  • 8/2/2019 Spoofing 1

    26/29

  • 8/2/2019 Spoofing 1

    27/29

    Check the content of the email:

    Is the content weird in some way, or really unexpected

    from the sender? Does it contain a form?

    Does it request to either confirm or update login or anykind of information?

    Check the header of the email

  • 8/2/2019 Spoofing 1

    28/29

    Mail Server Authentication

    Digitally Signed Email with Desktop Verification

    Digitally Signed Email with Gateway Verification

    Mail Server IP Verification

  • 8/2/2019 Spoofing 1

    29/29


Arp Spoofing Handout

Arp Spoofing Handout

Documents
DNS Spoofing

DNS Spoofing

Documents
Spoofing Techniques

Spoofing Techniques

Documents
Spoofing( 스푸핑 )

Spoofing( 스푸핑 )

Documents
Spoofing Rafael Sabino 10/28/2004. Introduction What is spoofing? Context and Security relevant decisions Phishing Web spoofing Remedies

Spoofing Rafael Sabino 10/28/2004. Introduction What is spoofing? Context and Security relevant decisions Phishing Web spoofing Remedies

Documents
Ip Spoofing

Ip Spoofing

Documents
Spoofing Opinion

Spoofing Opinion

Documents
Какво е spoofing? Видове spoofing и методи за защита

Какво е spoofing? Видове spoofing и методи за защита

Education
GPS Spoofing

GPS Spoofing

Documents
Spoofing & Scanning

Spoofing & Scanning

Documents
Web Spoofing Ppt

Web Spoofing Ppt

Documents
Rip Spoofing

Rip Spoofing

Documents
Spoofing Dan Spamming

Spoofing Dan Spamming

Documents
Arp spoofing slides

Arp spoofing slides

Education
DHCP Spoofing

DHCP Spoofing

Software
Spoofing Sem

Spoofing Sem

Documents
GPS Spoofing & Implications for Telecom - rntfnd.org · GPS Spoofing & Implications for Telecom ... “Characterization of Receiver Response to Spoofing Attacks,” Proceedings of

GPS Spoofing & Implications for Telecom - rntfnd.org · GPS Spoofing & Implications for Telecom ... “Characterization of Receiver Response to Spoofing Attacks,” Proceedings of

Documents
Presentacion arp spoofing

Presentacion arp spoofing

Technology
Email Spoofing

Email Spoofing

Documents
Lab 1 - Packet Sniffing and Spoofing

Lab 1 - Packet Sniffing and Spoofing

Documents
Spoofing Seminar

Spoofing Seminar

Documents
Sniffing and Spoofing. Spoofing Fraudulent authentication one machine as another ARP spoofing IP spoofing DNS spoofing Web spoofing

Sniffing and Spoofing. Spoofing Fraudulent authentication one machine as another ARP spoofing IP spoofing DNS spoofing Web spoofing

Documents
ARP Spoofing

ARP Spoofing

Technology
Web Spoofing 1 Outline Motivation Web spoofing problem Web spoofing attacks – works done Web spoofing Countermeasures – works done New Idea

Web Spoofing 1 Outline Motivation Web spoofing problem Web spoofing attacks – works done Web spoofing Countermeasures – works done New Idea

Documents
SSL Spoofing

SSL Spoofing

Documents
IP Spoofing, CS265 1 IP Spoofing

IP Spoofing, CS265 1 IP Spoofing

Documents
G53SEC 1 Network Security Hijacking, flooding, spoofing and

G53SEC 1 Network Security Hijacking, flooding, spoofing and

Documents
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed

WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed

Documents
Web spoofing

Web spoofing

Technology
Preventing Traffic with Spoofed Source ... - mum.mikrotik.com · Anti-Spoofing Anti-Spoofing DDoS Reflection-Amplification attacks would be impossible without spoofing –however,

Preventing Traffic with Spoofed Source ... - mum.mikrotik.com · Anti-Spoofing Anti-Spoofing DDoS Reflection-Amplification attacks would be impossible without spoofing –however,

Documents