SlideShare a Scribd company logo

Spoofing Techniques

Download as PPTX, PDF
R
Raza_Abidi

its all about spoofing techniques

1 of 17
SPOOFINGATTACK PRESENTED BY: S.M RAZA SAJJAD
Agenda Spoofing Types of Spoofing ,[object Object]
URL spoofing
Referrer spoofing
Caller ID spoofing
E-mail Address Spoofing,[object Object]
Types of Spoofing IP Spoofing URL spoofing Referrer spoofing Caller ID spoofing E-mail Address Spoofing
IP Spoofing Definition: Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies thus gaining access to all messages in both directions without the trouble of any cryptanalytic effort. The attacker must monitor the packets sent from Alice to Bob and then guess the sequence number of the packets. Then the attacker knocks out Alice and injects his own packets, claiming to have the address of Alice. From Address: 10.10.20.30 To Address: 10.10.5.5 Attacker intercepts packets as they go to 10.10.20.30 Replies sent back to 10.10.20.30 John 10.10.5.5 Attacker 10.10.50.50
URL Spoofing and Phishing Another kind of spoofing is "webpage spoofing," also known as phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest user names and passwords. This attack is often performed with the aid of URL spoofing, which exploits web browser bugs in order to display incorrect URLs in the browsers location bar; in order to direct the user away from the legitimate site and to the fake one. Once the user puts in their password, the attack-code reports a password error, then redirects the user back to the legitimate site.
Referrer Spoofing Referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referrer data with incorrect data, though most users simply suppress their web browser from sending referrer data, and may also modify other HTTP headers.
Caller ID Spoofing In public telephone networks, it has for a long while been possible to find out who is calling you by looking at the Caller ID information that is transmitted with the call. There are technologies that transmit this information on landlines, on cell phones and also with VoIP. Unfortunately, there are now technologies (especially associated with VoIP) that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless
That’s easy. You can use a spoof card. A Caller ID Spoofer and Voice Changeris a calling card you can use to make a call to anyone and hide or mask your caller ID. http://www.spoofcard.com/?utm_source=pj&utm_medium=Affiliate&source=pjn&subid=7504
E-mail Address Spoofing The sender information shown in e-mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected bounces (i.e. e-mail spam backscatter). E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers), it actually comes from another source.

Recommended

Spoofing
SpoofingSpoofing
SpoofingGreater Noida Institute Of Technology
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
Ipspoofing
IpspoofingIpspoofing
IpspoofingAkhil Kumar
 
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherSpoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherPankaj Dubey
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip Spoofingarpit.arp
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingDhrumil Shah
 
Spoofing
SpoofingSpoofing
SpoofingSanjeev
 

Recommended

Spoofing
SpoofingSpoofing
SpoofingGreater Noida Institute Of Technology
 
I P S P O O F I N G
I P S P O O F I N GI P S P O O F I N G
I P S P O O F I N Gavinashkanchan
 
Ipspoofing
IpspoofingIpspoofing
IpspoofingAkhil Kumar
 
Spoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherSpoofing attack: Learn about Email spoofing, IP address spoofing and many other
Spoofing attack: Learn about Email spoofing, IP address spoofing and many otherPankaj Dubey
 
Man in The Middle Attack
Man in The Middle AttackMan in The Middle Attack
Man in The Middle AttackDeepak Upadhyay
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip Spoofingarpit.arp
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingDhrumil Shah
 
Spoofing
SpoofingSpoofing
SpoofingSanjeev
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Presentation1
Presentation1Presentation1
Presentation1Rahul Polara
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Email phising and spoofing hurting your business
Email phising and spoofing hurting your businessEmail phising and spoofing hurting your business
Email phising and spoofing hurting your businessMithi SkyConnect
 
Phishing
PhishingPhishing
Phishinganjalika sinha
 
ip spoofing
ip spoofingip spoofing
ip spoofingmohan babu
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attackmarada0033
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)Hemal Joshi
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip SpoofingRoushan Jha
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptshindept123
 
Ettercap
EttercapEttercap
EttercapPrem Thakkar
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
spyware
spywarespyware
spywareNamanKikani
 
Spear Phishing Attacks
Spear Phishing AttacksSpear Phishing Attacks
Spear Phishing Attacksn|u - The Open Security Community
 
Phishing
PhishingPhishing
PhishingAlka Falwaria
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 
Web spoofing hacking
Web spoofing hackingWeb spoofing hacking
Web spoofing hackingjignesh khunt
 
Ip spoofing & types of attachs using it
Ip spoofing & types of attachs using itIp spoofing & types of attachs using it
Ip spoofing & types of attachs using itRajesh Porwal
 

More Related Content

What's hot

System hacking
System hackingSystem hacking
System hackingCAS
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Email phising and spoofing hurting your business
Email phising and spoofing hurting your businessEmail phising and spoofing hurting your business
Email phising and spoofing hurting your businessMithi SkyConnect
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attackmarada0033
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Amit Tyagi
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)Hemal Joshi
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingNezar Alazzabi
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissanceNishaYadav177
 

What's hot (20)

System hacking
System hackingSystem hacking
System hacking
 
Presentation1
Presentation1Presentation1
Presentation1
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Email phising and spoofing hurting your business
Email phising and spoofing hurting your businessEmail phising and spoofing hurting your business
Email phising and spoofing hurting your business
 
Phishing
PhishingPhishing
Phishing
 
ip spoofing
ip spoofingip spoofing
ip spoofing
 
Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attack
 
Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)Cross Site Scripting ( XSS)
Cross Site Scripting ( XSS)
 
Man in the middle attack (mitm)
Man in the middle attack (mitm)Man in the middle attack (mitm)
Man in the middle attack (mitm)
 
Ip Spoofing
Ip SpoofingIp Spoofing
Ip Spoofing
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Ettercap
EttercapEttercap
Ettercap
 
Denial of service
Denial of serviceDenial of service
Denial of service
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
spyware
spywarespyware
spyware
 
Spear Phishing Attacks
Spear Phishing AttacksSpear Phishing Attacks
Spear Phishing Attacks
 
Phishing
PhishingPhishing
Phishing
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internet
 
Footprinting and reconnaissance
Footprinting and reconnaissanceFootprinting and reconnaissance
Footprinting and reconnaissance
 

Similar to Spoofing Techniques

Web spoofing hacking
Web spoofing hackingWeb spoofing hacking
Web spoofing hackingjignesh khunt
 
Ip spoofing & types of attachs using it
Ip spoofing & types of attachs using itIp spoofing & types of attachs using it
Ip spoofing & types of attachs using itRajesh Porwal
 
Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)Balvinder Singh
 
Cyber Security (Hacking)
Cyber Security (Hacking)Cyber Security (Hacking)
Cyber Security (Hacking)Dhrumit Patel
 
Access Controls Attacks
Access Controls AttacksAccess Controls Attacks
Access Controls AttacksHafiza Abas
 
342_IP_Spoofing.pptx
342_IP_Spoofing.pptx342_IP_Spoofing.pptx
342_IP_Spoofing.pptxRajeshArora97
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
phishing-awareness-powerpoint [Autosaved].pptx
phishing-awareness-powerpoint [Autosaved].pptxphishing-awareness-powerpoint [Autosaved].pptx
phishing-awareness-powerpoint [Autosaved].pptxErrorError22
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing pptAnushakp9
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacksApijay Kumar
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesSarim Khawaja
 

Similar to Spoofing Techniques (20)

Web spoofing hacking
Web spoofing hackingWeb spoofing hacking
Web spoofing hacking
 
Ip spoofing & types of attachs using it
Ip spoofing & types of attachs using itIp spoofing & types of attachs using it
Ip spoofing & types of attachs using it
 
rajat_ppt
rajat_pptrajat_ppt
rajat_ppt
 
Webspoofing
WebspoofingWebspoofing
Webspoofing
 
Proposed Methods of IP Spoofing Detection & Prevention
Proposed Methods of IP Spoofing Detection & Prevention Proposed Methods of IP Spoofing Detection & Prevention
Proposed Methods of IP Spoofing Detection & Prevention
 
Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)Unauthorized access, Men in the Middle (MITM)
Unauthorized access, Men in the Middle (MITM)
 
Cyber Security (Hacking)
Cyber Security (Hacking)Cyber Security (Hacking)
Cyber Security (Hacking)
 
IP Spoofing
IP SpoofingIP Spoofing
IP Spoofing
 
Access Controls Attacks
Access Controls AttacksAccess Controls Attacks
Access Controls Attacks
 
A to z of Cyber Crime
A to z of Cyber CrimeA to z of Cyber Crime
A to z of Cyber Crime
 
Man in the middle
Man in the middleMan in the middle
Man in the middle
 
342_IP_Spoofing.pptx
342_IP_Spoofing.pptx342_IP_Spoofing.pptx
342_IP_Spoofing.pptx
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internet
 
phishing-awareness-powerpoint [Autosaved].pptx
phishing-awareness-powerpoint [Autosaved].pptxphishing-awareness-powerpoint [Autosaved].pptx
phishing-awareness-powerpoint [Autosaved].pptx
 
Ip spoofing ppt
Ip spoofing pptIp spoofing ppt
Ip spoofing ppt
 
Phishing.pptx
Phishing.pptxPhishing.pptx
Phishing.pptx
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Ip spoofing attacks
Ip spoofing attacksIp spoofing attacks
Ip spoofing attacks
 
Network Security
Network SecurityNetwork Security
Network Security
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
 

Spoofing Techniques

  • 2.
  • 6.
  • 7. Types of Spoofing IP Spoofing URL spoofing Referrer spoofing Caller ID spoofing E-mail Address Spoofing
  • 8. IP Spoofing Definition: Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies thus gaining access to all messages in both directions without the trouble of any cryptanalytic effort. The attacker must monitor the packets sent from Alice to Bob and then guess the sequence number of the packets. Then the attacker knocks out Alice and injects his own packets, claiming to have the address of Alice. From Address: 10.10.20.30 To Address: 10.10.5.5 Attacker intercepts packets as they go to 10.10.20.30 Replies sent back to 10.10.20.30 John 10.10.5.5 Attacker 10.10.50.50
  • 9. URL Spoofing and Phishing Another kind of spoofing is "webpage spoofing," also known as phishing. In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest user names and passwords. This attack is often performed with the aid of URL spoofing, which exploits web browser bugs in order to display incorrect URLs in the browsers location bar; in order to direct the user away from the legitimate site and to the fake one. Once the user puts in their password, the attack-code reports a password error, then redirects the user back to the legitimate site.
  • 10.
  • 11.
  • 12.
  • 13. Referrer Spoofing Referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referrer data with incorrect data, though most users simply suppress their web browser from sending referrer data, and may also modify other HTTP headers.
  • 14. Caller ID Spoofing In public telephone networks, it has for a long while been possible to find out who is calling you by looking at the Caller ID information that is transmitted with the call. There are technologies that transmit this information on landlines, on cell phones and also with VoIP. Unfortunately, there are now technologies (especially associated with VoIP) that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless
  • 15. That’s easy. You can use a spoof card. A Caller ID Spoofer and Voice Changeris a calling card you can use to make a call to anyone and hide or mask your caller ID. http://www.spoofcard.com/?utm_source=pj&utm_medium=Affiliate&source=pjn&subid=7504
  • 16. E-mail Address Spoofing The sender information shown in e-mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected bounces (i.e. e-mail spam backscatter). E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers), it actually comes from another source.
  • 17.
  • 18.
  • 19. Conclusions Computer Security is a continuous battle As computer security gets tighter hackers are getting smarter