Web Spoofing - PowerPoint PPT Presentation

About This Presentation
Title: Web Spoofing
Slides: 21
Provided by: bryanv3
Learn more at: http://www.cs.fsu.edu
Transcript and Presenter's Notes

Title: Web Spoofing


1
Web Spoofing
  • By Jose Vega and Bryan Van Solt

2
Spoofing
  • is a situation in which one person or program
    successfully masquerades as another by falsifying
    information/data and thereby gaining an
    illegitimate advantage.

3
Types of Spoofing
  • IP Spoof
  • Web Spoof
  • E-mail Spoof
  • Non Technical Spoof

4
IP Spoofing
  • The creation of IP packets with a forged source
    address.
  • Its purpose is to conceal the identity of the
    sender or to impersonate another computing
    system.

5
Uses of IP Spoofing
  • Denial-of-service attack
  • The goal is to flood the victim with overwhelming
    amounts of traffic. This prevents an internet
    site or service from functioning efficiently or
    at all, temporarily or indefinitely.

6
Uses of IP Spoofing
  • To defeat network security
  • Such as authentication based on IP addresses.
  • This type of attack is most effective where trust
    relationships exist between machines.
  • For example, on some corporate networks the
    internal systems trust each other: a user can log
    in without a username or password as long as he
    is connecting from another machine on the
    internal network. By spoofing a connection from a
    trusted machine, an attacker may be able to
    access the target machine without authenticating.

7
Defense against IP spoofing
  • Packet filtering: one defense against IP spoofing.
  • Ingress filtering: blocking packets arriving from
    outside the network that carry a source address
    inside the network.
  • Egress filtering: blocking outgoing packets from
    inside the network that do not carry a source
    address inside the network.
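The two filtering rules on this slide, as an added example that is not part of the original presentation: a small border-filter decision function run over constructed packets. The internal prefixes and the sample addresses are assumptions made up for the example.

```python
# Added example (not from the slides): ingress/egress source-address filtering.
import ipaddress
from dataclasses import dataclass

# Constructed: the address space this border filter considers "inside".
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.1.0/24")]


@dataclass
class Packet:
    src: str
    dst: str
    direction: str  # "ingress" = arriving from outside, "egress" = leaving the network


def is_internal(addr: str) -> bool:
    """True if the address belongs to one of our own prefixes."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)


def filter_decision(pkt: Packet) -> str:
    """Apply the slide's two rules and return 'drop' or 'pass'."""
    if pkt.direction == "ingress" and is_internal(pkt.src):
        # Ingress filtering: a packet from outside must not claim an inside source.
        return "drop"
    if pkt.direction == "egress" and not is_internal(pkt.src):
        # Egress filtering: a packet we send out must carry a source address we own.
        return "drop"
    return "pass"


# Constructed sample traffic (RFC 5737 documentation ranges stand in for the outside).
SAMPLE = [
    Packet("10.0.0.5", "10.0.0.9", "ingress"),        # spoofed inside source, from outside
    Packet("203.0.113.7", "10.0.0.9", "ingress"),     # ordinary inbound packet
    Packet("10.0.0.5", "203.0.113.7", "egress"),      # ordinary outbound packet
    Packet("198.51.100.3", "203.0.113.7", "egress"),  # our host spoofing someone else
]


def run(packets):
    """Return (src, direction, decision) for each packet, for inspection."""
    return [(p.src, p.direction, filter_decision(p)) for p in packets]


if __name__ == "__main__":
    for row in run(SAMPLE):
        print(row)
```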

8
Defense against IP spoofing
  • Upper Layers
  • Some upper layer protocols provide their own
    defense against IP spoofing.
  • For example, TCP uses sequence numbers negotiated
    with the remote machine to ensure that the
    arriving packets are part of an established
    connection. Since the attacker normally can't see
    any reply packets, he has to guess the sequence
    number in order to hijack the connection.

9
Web Spoofing
  • It's a security attack that allows an adversary
    to observe and modify all web pages sent to the
    victim's machine and observe all information
    entered into forms by the victim.

10
Web Spoofing
  • The attack is initiated when a victim visits a
    malicious web page, or receives a malicious email
    message.
  • The attack is implemented using JavaScript and
    Web server plug-ins.

11
Dangers of Web Spoofing
  • After your browser has been fooled, the spoofed
    web server can send you fake web pages or prompt
    you to provide personal information such as a login
    ID, password, or even credit card or bank account
    numbers.

12
How to prevent it
  • Don't click links in emails; instead always copy
    and paste, or even better manually type the URL
    in.
  • When entering personal or sensitive information,
    verify the URL is as you expect, and the site's
    SSL certificate matches that URL.
  • Understand why you're providing the
    information: does it make sense? Does the site
    need to know your SSN?
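The second check above (URL as expected, certificate matching that URL), as an added example that is not from the presentation: it compares a form's target URL against the hostname you meant to visit and matches the certificate's names against that hostname the way a browser does. The certificate dictionaries are constructed in the shape `ssl.SSLSocket.getpeercert()` returns; the hostnames are made up.

```python
# Added example (not from the slides): check a form's URL and the presented certificate.
from urllib.parse import urlsplit


def hostname_matches(pattern: str, hostname: str) -> bool:
    """Exact match, or a single leading wildcard label (RFC 6125 style)."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if pattern == hostname:
        return True
    if pattern.startswith("*."):
        labels = hostname.split(".")
        # The wildcard covers exactly one label, never "a.b.example".
        return len(labels) > 1 and ".".join(labels[1:]) == pattern[2:]
    return False


def cert_matches_host(cert: dict, hostname: str) -> bool:
    """Match subjectAltName DNS entries; fall back to the CN as old certificates did."""
    names = [v for (k, v) in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ()) for (k, v) in rdn if k == "commonName"]
    return any(hostname_matches(n, hostname) for n in names)


def check_form_target(url: str, expected_host: str, cert: dict) -> list:
    """Return a list of problems; an empty list means the URL and certificate are as expected."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append("not https")
    host = parts.hostname or ""
    if host != expected_host.lower():
        problems.append(f"hostname {host!r} is not the expected {expected_host!r}")
    if not cert_matches_host(cert, host):
        problems.append("certificate does not match the URL hostname")
    return problems


# Constructed certificates: the real site, and a look-alike with a valid cert for its own name.
BANK_CERT = {"subject": ((("commonName", "bank.example"),),),
             "subjectAltName": (("DNS", "bank.example"), ("DNS", "www.bank.example"))}
LOOKALIKE_CERT = {"subject": ((("commonName", "bank.examp1e"),),),
                  "subjectAltName": (("DNS", "bank.examp1e"),)}

if __name__ == "__main__":
    print(check_form_target("https://www.bank.example/login", "www.bank.example", BANK_CERT))
    print(check_form_target("https://bank.examp1e/login", "www.bank.example", LOOKALIKE_CERT))
```

The look-alike case is the one to notice: its certificate is valid for its own name, so only the comparison against the hostname you intended catches it. In real connections `ssl.create_default_context()` performs the certificate-to-hostname part of this check when `check_hostname` is left enabled.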

13
Email Spoof
  • E-mail spoofing is the forgery of an e-mail
    header so that the message appears to have
    originated from someone or somewhere other than
    the actual source.

14
Email Spoof with PHP function mail()
  • The mail() function allows you to send mail.
  • bool mail ( string $to , string $subject , string
    $message [, string $additional_headers [, string
    $additional_parameters ]] )
  • Example www.rootspot.com/jose/mail

15
Email Spoof with telnet
  • Open command prompt and type telnet
    <RemoteMailServer> 25
  • mail from: <your email id>@blah.com
  • rcpt to: <recipient email id>@blah.com

16
Email Spoof Protection
  • Double check the email you are replying to; make
    sure that the letters are what they truly seem.
    For example, l (lower case L) is not the same as
    I (upper case i).
  • Look at the IP information of the email header.
    If an email originated from inside your network,
    the sender should have a very similar IP address.
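The header check on this slide, as an added example that is not part of the presentation: it reads the Received trace of a message, finds the first hop, and flags a message that claims an internal From domain but entered the mail system from an address outside the internal range. The internal domain and address range, and both sample messages, are constructed for the example.

```python
# Added example (not from the slides): detect a From address that claims to be
# internal while the Received trace shows the message came from outside.
import email
import email.utils
import ipaddress
import re
from email import policy

INTERNAL_NETS = [ipaddress.ip_network("192.168.1.0/24")]  # constructed
INTERNAL_DOMAINS = {"corp.example"}                        # constructed

# Receiving MTAs write the connecting address in brackets, e.g. "(host [192.168.1.10])".
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def received_ips(msg) -> list:
    """Connecting IPs from Received headers, oldest hop first (headers are prepended on the way in)."""
    ips = [m.group(1) for hdr in msg.get_all("Received", []) if (m := IP_RE.search(str(hdr)))]
    return list(reversed(ips))


def sender_domain(msg) -> str:
    addr = email.utils.parseaddr(str(msg.get("From", "")))[1]
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def looks_spoofed(raw: str) -> bool:
    """True if the From domain is ours but the first hop was not on our network."""
    msg = email.message_from_string(raw, policy=policy.default)
    if sender_domain(msg) not in INTERNAL_DOMAINS:
        return False                      # external sender: the slide's rule does not apply
    hops = received_ips(msg)
    if not hops:
        return True                       # an internal message with no trace at all is suspicious
    first_hop = ipaddress.ip_address(hops[0])
    return not any(first_hop in net for net in INTERNAL_NETS)


# Constructed messages. Newest Received header is on top; the bottom one is the first hop.
SPOOFED = """Received: from mail.corp.example (mail.corp.example [192.168.1.10])
    by mx.corp.example with ESMTP; Mon, 1 Jan 2024 10:00:00 +0000
Received: from pc (unknown [203.0.113.45])
    by mail.corp.example with SMTP; Mon, 1 Jan 2024 09:59:00 +0000
From: "Accounts" <accounts@corp.example>
To: staff@corp.example
Subject: Quarterly report

Please see the attached report.
"""
LEGIT = SPOOFED.replace("pc (unknown [203.0.113.45])", "pc.corp.example (pc.corp.example [192.168.1.77])")
```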

17
Non-Technical Spoofing
  • These non-computer based techniques are commonly
    referred to as social engineering. With social
    engineering, an attacker tries to convince
    someone that he is someone else.
  • This can be as simple as the attacker calling
    someone on the phone saying that he is a certain
    person.

18
Example of Non-Technical Spoofing
  • An attacker calls the help desk to request a new
    account to be set up. The attacker pretends to be
    a new employee.
  • A technician walks into a building saying that
    he has been called to fix a broken computer. What
    business does not have a broken computer?

19
Why does Non-Technical Spoofing Work?
  • The main reason is that it exploits attributes of
    human behavior: trust is good, and people love to
    talk. Most people assume that if someone is nice
    and pleasant, he must be honest. If an attacker
    can sound sincere and listen, you would be amazed
    at what people will tell him.

20
Non-Technical Spoof Protection
  • Educate your users
      • The help desk
      • Receptionists
      • Administrators
  • Have proper policies
      • Password policy
      • Security policy