Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What is Spoofing Attack ? How to prevent it ?

user-image
Question added by Khaled Omar , Senior Service Delivery Engineer , Dell Technologies
Date Posted: 2014/01/27
Saqib Mehmood
by Saqib Mehmood , Technical Team Lead/Safety Supervisor , Xchange Technology Group

A spoofing attack is when a malicious party impersonate another device or user on a network in order to launch attacks against network hosts, steal data, spread malware, or bypass access controls.

Spoofing Attack Prevention

There are many tools and practices that organizations can employ to reduce the threat of spoofing attacks. Common measures that organizations can take for spoofing attack prevention include:

1.  Packet filtering: Packet filters inspect packets as they are transmitted across a network. Packet filters are useful in IP address spoofing attack prevention because they are capable of filtering out and blocking packets with conflicting source address information (packets from outside the network that show source addresses from inside the network and vice-versa).

2.   Avoid trust relationships: Organizations should develop protocols that rely on trust relationships as little as possible. It is significantly easier for attackers to run spoofing attacks when trust relationships are in place because trust relationships only use IP addresses for authentication.

3.  Use spoofing detection software: There are many programs available that help organizations detect spoofing attacks, particularly ARP spoofing. These programs work by inspecting and certifying data before it is transmitted and blocking data that appears to be spoofed.

4.  Use cryptographic network protocols: Transport Layer Security (TLS), Secure Shell (SSH), HTTP Secure (HTTPS), and other secure communications protocols bolster spoofing attack prevention efforts by encrypting data before it is sent and authenticating data as it is received

 

Ahmed Mohamad Mohamad Elsherbeny
by Ahmed Mohamad Mohamad Elsherbeny , Head of team , Egypt Penetration Testers

In the context of Network Security, a spoofing attack is a situation in which attacker or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

Types are such:

  1. Most known network spoofing attacks are (ARP spoofing and IP address spoofing)
  2. File sharing poisoning
  3. Email adddress Spoofing
  4. Websites Spoofing
  5. Caller ID spoofing
  6. GPS spoofing

Even most of the network protocols can fall victims for a spoofing attacks because they lack a mechanisms for authentication, but the most used by attackers are ARP and IP address as mentioned before.

 

Each type has a way to defenbd against spoofing attacks. "This will require alot of reading from you" ;D

Huda Baloum
by Huda Baloum , Administration Supervisor , Jordan Golden Jewel Co.

It is mocking and could be prevented by forcing respect and avoiding kidding.

More Questions Like This