SPOOFINGATTACK<br />PRESENTED BY:<br />    S.M RAZA SAJJAD<br />
Agenda<br />Spoofing<br />Types of Spoofing <br /><ul><li>IP Spoofing
URL spoofing
Referrer spoofing
Caller ID spoofing
E-mail Address Spoofing</li></li></ul><li>Spoofing<br />In the context of network security, a spoofing attack is a situati...
Types of Spoofing<br />IP Spoofing<br />URL spoofing<br />Referrer spoofing<br />Caller ID spoofing<br />E-mail Address Sp...
IP Spoofing<br />Definition:<br />Attacker spoofs the address of another machine and inserts itself between the attacked m...
URL Spoofing and Phishing<br />Another kind of spoofing is "webpage spoofing," also known as phishing. In this attack, a l...
Referrer Spoofing<br />Referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP r...
Caller ID Spoofing<br />In public telephone networks, it has for a long while been possible to find out who is calling you...
That’s easy. You can use a spoof card. A Caller ID Spoofer and Voice Changeris a calling card you can use to make a call t...
E-mail Address Spoofing<br />The sender information shown in e-mails (the "From" field) can be spoofed easily. This techni...
Upcoming SlideShare
Loading in …5
×

Spoofing Techniques

9,011 views

Published on

its all about spoofing techniques

0 Comments
10 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
9,011
On SlideShare
0
From Embeds
0
Number of Embeds
10
Actions
Shares
0
Downloads
646
Comments
0
Likes
10
Embeds 0
No embeds

No notes for slide

Spoofing Techniques

  1. 1. SPOOFINGATTACK<br />PRESENTED BY:<br /> S.M RAZA SAJJAD<br />
  2. 2. Agenda<br />Spoofing<br />Types of Spoofing <br /><ul><li>IP Spoofing
  3. 3. URL spoofing
  4. 4. Referrer spoofing
  5. 5. Caller ID spoofing
  6. 6. E-mail Address Spoofing</li></li></ul><li>Spoofing<br />In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.<br />An attacker alters his identity so that some one thinks he is some one else<br />
  7. 7. Types of Spoofing<br />IP Spoofing<br />URL spoofing<br />Referrer spoofing<br />Caller ID spoofing<br />E-mail Address Spoofing<br />
  8. 8. IP Spoofing<br />Definition:<br />Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies<br />thus gaining access to all messages in both directions without the trouble of any cryptanalytic effort. The attacker must monitor the packets sent from Alice to Bob and then guess the sequence number of the packets. Then the attacker knocks out Alice and injects his own packets, claiming to have the address of Alice.<br />From Address: 10.10.20.30<br />To Address: 10.10.5.5<br />Attacker intercepts packets<br />as they go to 10.10.20.30<br />Replies sent back <br />to 10.10.20.30<br />John<br />10.10.5.5<br />Attacker<br />10.10.50.50<br />
  9. 9. URL Spoofing and Phishing<br />Another kind of spoofing is "webpage spoofing," also known as phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest user names and passwords.<br />This attack is often performed with the aid of URL spoofing, which exploits web browser bugs in order to display incorrect URLs in the browsers location bar; in order to direct the user away from the legitimate site and to the fake one. Once the user puts in their password, the attack-code reports a password error, then redirects the user back to the legitimate site.<br />
  10. 10.
  11. 11.
  12. 12.
  13. 13. Referrer Spoofing<br />Referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referrer data with incorrect data, though most users simply suppress their web browser from sending referrer data, and may also modify other HTTP headers.<br />
  14. 14. Caller ID Spoofing<br />In public telephone networks, it has for a long while been possible to find out who is calling you by looking at the Caller ID information that is transmitted with the call. There are technologies that transmit this information on landlines, on cell phones and also with VoIP. Unfortunately, there are now technologies (especially associated with VoIP) that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless<br />
  15. 15. That’s easy. You can use a spoof card. A Caller ID Spoofer and Voice Changeris a calling card you can use to make a call to anyone and hide or mask your caller ID.<br />http://www.spoofcard.com/?utm_source=pj&utm_medium=Affiliate&source=pjn&subid=7504<br />
  16. 16. E-mail Address Spoofing<br />The sender information shown in e-mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected bounces (i.e. e-mail spam backscatter).<br />E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source.<br />By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers), it actually comes from another source.<br />
  17. 17.
  18. 18.
  19. 19. Conclusions<br />Computer Security is a continuous battle<br />As computer security gets tighter hackers are getting smarter<br />

×