• Like
Web spoofing hacking
Upcoming SlideShare
Loading in...5
×

Web spoofing hacking

  • 539 views
Uploaded on

 

More in: Education , Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
539
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
58
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Web Spoofing: the game for hackers Created BY: Khunt Jignesh N. Roll no : 25
  • 2. Web Spoofing  Web Spoofing is a security attack that allows an adversary to observe and modify all web pages sent to the victim's machine, and observe all information entered into forms by the victim.  The attacker can observe and modify all web pages and form submissions, even when the browser's "secure connection" indicator is lit. The user sees no indication that anything is wrong.  After your browser has been fooled, the spoofed web server can send you fake web pages or prompt you to provide personal information such as login Id, password, or even credit card or bank account numbers.
  • 3. Types of web Spoofing  IP Spoof  E-mail Spoof  Non Technical Spoof
  • 4. IP spoofing & its prevention  The creation of IP packets with a forged source. The purpose of it is to conceal the identity of the sender or impersonating another computing system.  Some upper layer protocols provide their own defense against IP spoofing.  For example, TCP uses sequence numbers negotiate with the remote machine to ensure that the arriving packets are part of an established connection. Since the attacker normally cant see any reply packets, he has to guess the sequence number in order to hijack the connection.
  • 5. Example of ip-spoofing
  • 6. E-mail spoofing  E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.
  • 7. Example of e-mail spoof
  • 8. How to prevent it  Don’t click links in emails instead always copy and paste, or even better manually type the URL in.  When entering personal or sensitive information, verify the URL is as you expect, and the site’s SSL certificate matches that URL.  Look at the IP information of the email header. If an email originated from inside your network, the sender should have very similar IP address.
  • 9. Non-technical spoofing  These non-computer based techniques are commonly referred to as social engineering. This can be as simple as the attacker calling someone on the phone saying that he is a certain person.
  • 10. Example of Non-Technical Spoofing
  • 11. Why does Non-Technical Spoof Works.  The main reason is that it exploits attributes of human behavior: trust is good and people love to talk. Most people assume that if someone is nice and pleasant, he must be honest. If an attacker can sound sincere and listen, you would be amazed at what people will tell him.
  • 12. Non-Technical Spoof Prevention  Educate your users  Have proper policies
  • 13. Conclusion  We should remain updated in this fields.  Daily there will be new challenges as the hackers seek out weakness and vulnerabilities in our systems.
  • 14.  ANY QUERIES???