Spoofing: Difference between revisions

From
Jump to navigation Jump to search
No edit summary
 
No edit summary
Line 6: Line 6:


'''IP-Spoofing''' relies on the forgery of the sender-address in ip-headers. Although a quite simple attack, it can be very effective. This attack overwhelms all security defenses, which are using the sender-address to authenticate certain actions. There are for example some firewalls that allow packets with certain sender-addresses to pass.
'''IP-Spoofing''' relies on the forgery of the sender-address in ip-headers. Although a quite simple attack, it can be very effective. This attack overwhelms all security defenses, which are using the sender-address to authenticate certain actions. There are for example some firewalls that allow packets with certain sender-addresses to pass.
Further examples for vulnerable protocols/services are the r* services.
Further examples for vulnerable protocols/services are the r* services. Although quite old, is this attack still important as it is often in conjunction with DOS attacks.
*'''Defense''' against ip-spoofing can best be done by firefalls, that can prevent forged packets from entering the local net. Services and authentication should not rely on the sender-address nevertheless.
*'''Defense''' against ip-spoofing can best be done by firefalls, that can prevent forged packets from entering the local net. Services and authentication should not rely on the sender-address nevertheless.



Revision as of 20:41, 5 December 2004

The attacks that can be subsumed by the the term "spoofing", are based on the forgery of identities.

Some of these attacks are presented here, but there are of course multiple others.


IP-Spoofing relies on the forgery of the sender-address in ip-headers. Although a quite simple attack, it can be very effective. This attack overwhelms all security defenses, which are using the sender-address to authenticate certain actions. There are for example some firewalls that allow packets with certain sender-addresses to pass. Further examples for vulnerable protocols/services are the r* services. Although quite old, is this attack still important as it is often in conjunction with DOS attacks.

  • Defense against ip-spoofing can best be done by firefalls, that can prevent forged packets from entering the local net. Services and authentication should not rely on the sender-address nevertheless.

ARP-Spoofing


DNS-Spoofing


Web/URL-Spoofing