Professional Documents
Culture Documents
Introduction
• We discuss in this seminar an Internet security attack that could
endanger the privacy of World Wide Web users and the integrity of
their data. The attack can be carried out on today’s systems,
endangering users of the most common Web browsers, including
Netscape Navigator and Microsoft Internet Explorer.
• Web spoofing allows an attacker to create a “shadow copy” of the
entire World Wide Web. Accesses to the shadow Web are funneled
through the attacker’s machine, allowing the attacker to monitor all of
the victim’s activities including any passwords or account numbers the
victim enters. The attacker can also cause false or misleading data to
be sent to Web servers in the victim’s name, or to the victim in the
name of any Web server. In short, the attacker observes and controls
everything the victim does on the Web.
• I have implemented a demonstration version of this attack.
Spoofing
Definition:
An attacker alters his identity so that some one thinks he
is some one else
– Email, User ID, IP Address, …
– Attacker exploits trust relation between user and
networked machines to gain access to machines
Types of Spoofing:
1. IP Spoofing:
2. Email Spoofing
3. Web Spoofing
Definition -Types of
spoofing:
• IP spoofing: Attacker uses IP address of
another computer to acquire information
or gain access
• Email spoofing: Attacker sends email
but makes it appear to come from
someone else
• Web spoofing: Attacker tricks web
browser into communicating with a
different web server than the user
intended.
What is IP Spoofing?
IP spoofing is the creation of TCP/IP packets with
somebody else's IP address in the header.
Routers use the destination IP address to forward
packets, but ignore the source IP address.
The source IP address is used only by the
destination machine, when it responds back to the
source.
When an attacker spoofs someone’s IP address,
the victim’s reply goes back to that address. Since
the attacker does not receive packets back, this is
called a one-way attack or blind spoofing.
To see the return packets, the attacker must
intercept them.
IP Spoofing – Flying-Blind
Attack
Definition:
Attacker uses IP address of another computer to acquire
information or gain access