Spoofs
Spoofs cover a broad category of threats. In general terms, a spoof entails falsifying one's identity or masquerading as some other individual or entity to gain access to a system or network or to gain information for some other unauthorized purpose. There are many different kinds of spoofs, including, among many others, IP address spoofing, session highjacking, domain name service (DNS) spoofing, sequence number spoofing, and replay attacks.
IP Address Spoofing
Every device on a TCP/IP network has a unique IP address. The IP address is a unique identification of the device, and no two devices on the network can have the same IP address. IP addresses are formatted as four decimal numbers separated by dots (e.g., 147.34.28.103). IP address spoofing takes advantage of systems and networks that rely on the IP address of the connecting system or device for authentication. For example, packet-filtering routers are sometimes used to protect an internal network from an external untrusted network. These routers will only allow specified IP addresses to pass from the external network to the internal network. If a hacker is able to determine an IP address that is permitted access through the router, he or she can spoof the address on the external network to gain access to the internal network. The hacker in effect masquerades as someone else.
In this tutorial:
- Threats and Attacks
- The OSI Reference Model
- TCP/IP Protocol Suite
- Threats, Vulnerabilities, and Attacks
- Attacks
- Viruses
- Worm
- Trojan Horses
- Trap Doors
- Logic Bombs
- Port Scanning
- Spoofs
- Sequence Number Spoofing
- DNS
- DNS Poisoning
- Redirects
- Password Cracking
- Sniffing
- War Dialing
- Denial of Service
- Ping of Death
- SYN Flooding
- SPAM
- Smurf Attack