Presentation is loading. Please wait.

Presentation is loading. Please wait.

CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.

Published byPhilip Hood Modified over 9 years ago

Similar presentations

Presentation on theme: "CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The."— Presentation transcript:

1 CHAPTER 11 Spoofing Attack

2 INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The objective is providing false information about principal’s identity to obtain unauthorized access to systems and their services Spoofing Is Tampering Activity Spoofing is a tampering activity because the hacker convinces a host computer that the hacker is another, trusted host computer, and therefore should receive information.

3 INTRODUCTION Spoofing Is Identity Forgery The concept of assuming the identity of another is central to the nature of the spoof Example: IP spoofing attack Spoofing Is an Active Attack Against Identity Checking Procedures Spoofing at its core involves sending message that is not what is claims to be Message that been sent belong to different people more trusted than the actual Identity of the sender was left recorded in error

4 INTRODUCTION Spoofing Is Possible at All Layers of Communication Spoofing can operate at all layers in between the client and server For example: the simplest level of spoof involves physically overpowering or incepting trusted communication Splicing into a trusted fiber optic link and inserting malicious streams of data is a definite spoof

5 INTRODUCTION Spoofing Is Always Intentional Somebody plan to do it either directly or indirectly Such as malfunction or misconfiguration that cause the network down is treat as spoofing attack Spoofing May Be Blind or Informed Blind spoofing involves submitting identifying information without the full breadth of knowledge that the legitimate user has access to

6 INTRODUCTION Attacker can only send and has to make assumptions or guess about reply Informed attacks in which the attacker can monitor Participate in bidirectional communications Spoofing does not involve supplying the exact credentials of the legitimate identity

7 INTRODUCTION Spoofing Is Not the Same Thing as Betrayal Users abuse their powers and cause a security breach, they’ve not spoofed anything They were granted the power and the freedom to use them Spoofing Is Nothing New Attack against identity are nothing new in human existence

8 INTRODUCTION Spoofing Is Not Always Malicious Spoofing is not always attack Some network redundancy schemes rely on automated spoofing in order to take over the identity of a downed server

9 TYPES OF SPOOFING TCP/IP Spoofing A hacker can use IP source routing to specify a direct route to a destination and a return path back to the origination. The hacker is able to intercept or modify transmissions without encountering packets destined for the true host by using routers. Thus, the IP spoofing attack is an extraordinary method of gaining access because in it, the cracker never uses a username or password. IP spoofing is quite complex and very easily prevented.

10 TYPES OF SPOOFING Hyperlink Spoofing Hyperlink spoofing is one common attack hackers can use against computer communications using the hypertext transport protocol (HTTP). Hackers can perform attacks on the Secure Socket Layers (SSL) server authentication protocol used in creating secure Web browsers and servers. A “man-in-the-middle” hacker can persuade the browser to connect to a fake server while the browser presents the usual appearances of a secure session.

11 TYPES OF SPOOFING Web Spoofing Web spoofing allows the hacker to observe or modify any data going from the victim to Web servers. The hacker can control all return traffic from Web servers to the victim. The false Web looks like the real one, including all the same pages and links as the real Web. However, the hacker completely controls the false Web so that all network traffic between the victim’s browser and the Web goes through the hacker.

12 IMPACTS OF SPOOFING Subtle Spoofs And Economic Sabotage Subtlety Will Get You Everywhere Selective Failure for Selecting Recovery Attacking SSL through Intermittent Failures

13 WHAT TO SPOOF? For the moment the list of vulnerable services is short indeed: Configuration using Sun RPC calls Sun RPC refers to Sun Microsystems' standard of Remote Procedure Calls, which are methods of issuing system calls that work transparently over networks. Network service that utilizes IP address authentication IP address authentication uses the IP address as an index.

14 WHAT TO SPOOF? The target machine authenticates a session between itself and other machines by examining the IP address of the requesting machine. The R services In the UNIX environment, the R services are rlogin and rsh. The r represents the word remote. These two programs are designed to provide users with remote access to other machines on the Internet. The R services are vulnerable to IP spoofing attacks.

15 SPOOFING PROTECTION TCP/IP Spoofing The best defense against IP spoofing attacks is to filter packets as the packets enter your router from the Internet, thereby blocking any packet that claims to have originated inside your local domain. This is most commonly done with a router. Some of the router brands that support packet- filtering include: 1. Bay Networks/Wellfleet, version 5 and later 2. Cabletron with LAN secure 3. Cisco, RIS software version 9.21 and later

16 SPOOFING PROTECTION Hyperlink Spoofing One possible solution to prevent hyperlink spoofing is to make the users’ browsers start up on a secure page, so that users can trust their initial links and a hacker can never send them anywhere suspicious. trustworthy sites can be determined based on the following two criteria: 1. The site is securely-run. 2. The site only serves pages with hyperlinks to sites that are run securely.

17 SPOOFING PROTECTION Web Spoofing Although Web spoofing is nearly an undetectable security attack, the best defense is: 1. Disable JavaScript, Java, and VBScript in your browser so the hacker cannot hide the evidence of the attack. 2. Make sure your browser’s location line is always visible. 3. Pay attention to the URLs your browser’s location line displays, making sure the URLs always point to the server to which you think you are connected.

Download ppt "CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The."

Similar presentations

Module X Session Hijacking

Module X Session Hijacking
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Are you secured in the network ?: a quick look at the TCP/IP protocols Based on: A look back at “Security Problems in the TCP/IP Protocol Suite” by Steven.

Are you secured in the network ?: a quick look at the TCP/IP protocols Based on: A look back at “Security Problems in the TCP/IP Protocol Suite” by Steven.
Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug 2013 - scotthel.me.

Session Hijacking Why web security depends on communications security and how TLS everywhere is the only solution. Scott Helme - 6th Aug scotthel.me.
5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.

Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.

Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Computer Security and Penetration Testing

Computer Security and Penetration Testing

Similar presentations

Ads by Google