Spoofing

From
Revision as of 20:42, 5 December 2004 by 217.232.42.215 (talk)
Jump to navigation Jump to search

The attacks that can be subsumed by the the term "spoofing", are based on the forgery of identities.

Some of these attacks are presented here, but there are of course multiple others.


IP-Spoofing relies on the forgery of the sender-address in ip-headers. Although a quite simple attack, it can be very effective. This attack overwhelms all security defenses, which are using the sender-address to authenticate certain actions. There are for example some firewalls that allow packets with certain sender-addresses to pass. Further examples for vulnerable protocols/services are the r* services. Although quite old, this attack is still important as it is often in conjunction with DOS attacks.

  • Defense against ip-spoofing can best be done by firefalls, that can prevent forged packets from entering the local net. Services and authentication should not rely on the sender-address nevertheless.

ARP-Spoofing


DNS-Spoofing


Web/URL-Spoofing