Subscribe by Email

Tuesday, November 26, 2013

Security - What is meant by a spoofing attack?

A spoofing attack can be described as a situation in which a program is successfully masqueraded by another person or program in the area of network security. This is done by falsification of inbound data through which the masquerading program gains an advantage, of the illegitimate kind. A number of TCP/ IP protocols do not have mechanisms for the source and destination authentication of the messages. This makes them too much vulnerable to the spoofing attacks. Thus some extra precautions have to be taken by the applications for verification of the sending and receiving host identity. A source IP address is forged using which IP packets are created. This is done for impersonation of identity of some other computer system and to conceal the sender’s identity. Thus, IP protocol is the basic one that is used for sending data across the networks. Each packet consists of numerical addresses. The header field of the packet is usually forged so that it appears as if it is from someone else.
The man-in-the-middle attacks against the network’s hosts are often carried out with the help of two types of spoofing namely ARP spoofing and the IP spoofing.
The implementation of firewalls having capability of inspecting the packets deeply can prevent the spoofing attacks from taking advantage of the TCP/ IP protocols. This can also be done by taking measures for the verification of the message sender and the recipient’s identity. There are sites which are pay sites and they can be accessed only through a certain log-in page that is approved by them. This enforcement is made by referrer header checking in the HTTP request. This is so because the referrer header can be changed by the unauthorized users to gain access to the site content. This is called referrer spoofing.
Sometimes the copyright holders also use spoofing for inserting un-listenable and distorted versions of works on networks where file is shared. This is termed as poisoning the file – sharing networks. Another type of spoofing attack is the caller ID spoofing. Caller ID info is often provided by the public telephone networks including the name and number of the caller. VoIP (voice over IP) is one such technology in which the caller ID info can be forged by the callers so as to present names and numbers that are false. This false information is then forwarded by the gateways that connect public networks and allow spoofing.
It is also possible that the origination of the spoofed call might be some other country. In that case the laws in the country of the recipient might not be applicable to the caller. This has also limited the effectiveness of the laws against the caller ID spoofing. This results in a lot of scams. Another type is email spoofing or email address spoofing. The information of the sender that you see in the emails can be easily spoofed. Spammers use this technique quite often for hiding their information. This creates problems such as spam backscatter, misdirected bounces and so on.
A GPS receiver can be deceived by GPS spoofing attacks. In this the counterfeit GPS signals are broadcasted that have been structured to appear same as the normal GPS signals. This can also be done with original signals and rebroadcasting them at some other point. Because of the receiver will estimate its position wrongly. One variant of GPS spoofing attack is the carry off attack. This attack involves synchronization and broadcasting of the signals and genuine signals together. This gradually increases the power of the counterfeit signals which causes them to drift away from the genuine signals.

No comments:

Facebook activity