Agenda Spoofing Types of Spoofing o IP Spoofing o URL spoofing o Referrer spoofing o Caller ID spoofing o Address Spoofing.

Slides:

Advertisements

Similar presentations

Chapter 6 Computer Fraud and Abuse Techniques Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 6-1.

Advertisements

Are you secured in the network ?: a quick look at the TCP/IP protocols Based on: A look back at “Security Problems in the TCP/IP Protocol Suite” by Steven.

How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.

Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.

Network Security. Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives  Give examples of common network.

Threats To A Computer Network

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

URL Obscuring COEN 152/252 Computer Forensics  Thomas Schwarz, S.J

1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.

COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Router. Introduction A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work.

PART THREE E-commerce in Action Norton University E-commerce in Action.

 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.

Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.

URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J

CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.

IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.

Web Application Security ECE ECE Internetwork Security What is a Web Application? An application generally comprised of a collection of scripts.

Web Spoofing Steve Newell Mike Falcon Computer Security CIS 4360.

Lecture 20 Hacking. Over the Internet Over LAN Locally Offline Theft Deception Modes of Hacker Attack.

Security, Social and Legal Issues Regarding Software and Internet.

Phishing Internet scams. Phishing phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and.

Phishing A practical case study. What is phishing? Phishing involves fraudulently acquiring sensitive information (e.g. passwords, credit card details.

How Phishing Works Prof. Vipul Chudasama.

CIS 450 – Network Security Chapter 4 - Spoofing. Definition - To fool. In networking, the term is used to describe a variety of ways in which hardware.

URL Obscuring COEN 252 Computer Forensics  Thomas Schwarz, S.J

What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.

Topic 5: Basic Security.

Jeopardy ProtocolsPartsPrograms General Internet HTML Q $100 Q $200 Q $300 Q $400 Q $500 Q $100 Q $200 Q $300 Q $400 Q $500 Final Jeopardy.

Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.

Quiz 2 Post-Mortem Bruce Maggs. 2 Create a new BitCoin address, and use it only once. E.g., create a new wallet. Create a new address and mine a BitCoin.

Sources of Network Intrusion Security threats from network intruders can come from both internal and external sources.  External Threats - External threats.

Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.

Analysing s Michael Jones. Overview How works Types of crimes associated with Mitigations Countermeasures Michael Jones2Analsysing s.

Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.

Phishing and Internet Scams. Definitions and recent statistics Why is it dangerous? Phishing techniques and identifiers Examples of phishing and scam.

Comparison of Network Attacks COSC 356 Kyler Rhoades.

SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.

A Student’s Guide to Proper and Safe Web Behavior

Unit 3 Section 6.4: Internet Security

SSL Certificates for Secure Websites

DNS Security Issues SeongHo Cho DPNM Lab., POSTECH

An Application with Active Spoof Monitoring and Control

PAYMENT GATEWAY Presented by SHUJA ASHRAF SHAH ENROLL: 4471

Computer Data Security & Privacy

Information Security and Privacy Pertaining to Phishing and Internet Scams Brian Corl COSC 316 Information Security and Privacy.

Networks Problem Set 1 Due Oct 3 Bonus Date Oct 2

Some Common Terms The Internet is a network of computers spanning the globe. It is also called the World Wide Web. World Wide Web It is a collection of.

Spoofing Basics Presentation developed by A.F.M Bakabillah Cyber Security and Networking Consultant MCSA: Messaging, MCSE RHCE ITIL CEH.

Protect Your Computer Against Harmful Attacks!

Information Security Session October 24, 2005

Network Security: IP Spoofing and Firewall

ISNE101 Dr. Ken Cosh Week 13.

Computer Security.

What is Phishing? Pronounced “Fishing”

Computer Networks ARP and RARP

Wireless Spoofing Attacks on Mobile Devices

Chapter 8 roadmap 8.1 What is network security?

Cybersecurity Simplified: Phishing

Presentation transcript:

Agenda Spoofing Types of Spoofing o IP Spoofing o URL spoofing o Referrer spoofing o Caller ID spoofing o Address Spoofing

Spoofing In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. An attacker alters his identity so that some one thinks he is some one else

Types of Spoofing IP Spoofing URL spoofing Referrer spoofing Caller ID spoofing Address Spoofing

IP Spoofing Definition: Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies thus gaining access to all messages in both directions without the trouble of any cryptanalytic effort. The attacker must monitor the packets sent from Alice to Bob and then guess the sequence number of the packets. Then the attacker knocks out Alice and injects his own packets, claiming to have the address of Alice. Replies sent back to Attacker John From Address: To Address: Attacker intercepts packets as they go to

URL Spoofing and Phishing Another kind of spoofing is "webpage spoofing," also known as phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest user names and passwords. This attack is often performed with the aid of URL spoofing, which exploits web browser bugs in order to display incorrect URLs in the browsers location bar; in order to direct the user away from the legitimate site and to the fake one. Once the user puts in their password, the attack- code reports a password error, then redirects the user back to the legitimate site.

Referrer Spoofing Referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referrer data with incorrect data, though most users simply suppress their web browser from sending referrer data, and may also modify other HTTP headers.

Caller ID Spoofing In public telephone networks, it has for a long while been possible to find out who is calling you by looking at the Caller ID information that is transmitted with the call. There are technologies that transmit this information on landlines, on cell phones and also with VoIP. Unfortunately, there are now technologies (especially associated with VoIP) that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless

That’s easy. You can use a spoof card. A Caller ID Spoofer and Voice Changer is a calling card you can use to make a call to anyone and hide or mask your caller ID. _medium=Affiliate&source=pjn&subid=7504

Address Spoofing The sender information shown in s (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their s and leads to problems such as misdirected bounces (i.e. spam backscatter). spoofing is a term used to describe (usually fraudulent) activity in which the sender address and other parts of the header are altered to appear as though the originated from a different source. By changing certain properties of the , such as the From, Return- Path and Reply-To fields (which can be found in the message header), ill- intentioned users can make the appear to be from someone other than the actual sender. The result is that, although the appears to come from the address indicated in the From field (found in the headers), it actually comes from another source.

Conclusions Computer Security is a continuous battle – As computer security gets tighter hackers are getting smarter