Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

What is Spoofing Attack ? How to prevent it ?

user-image
Question ajoutée par Khaled Omar , Senior Service Delivery Engineer , Dell Technologies
Date de publication: 2014/01/27
Saqib Mehmood
par Saqib Mehmood , Technical Team Lead/Safety Supervisor , Xchange Technology Group

A spoofing attack is when a malicious party impersonate another device or user on a network in order to launch attacks against network hosts, steal data, spread malware, or bypass access controls.

Spoofing Attack Prevention

There are many tools and practices that organizations can employ to reduce the threat of spoofing attacks. Common measures that organizations can take for spoofing attack prevention include:

1.  Packet filtering: Packet filters inspect packets as they are transmitted across a network. Packet filters are useful in IP address spoofing attack prevention because they are capable of filtering out and blocking packets with conflicting source address information (packets from outside the network that show source addresses from inside the network and vice-versa).

2.   Avoid trust relationships: Organizations should develop protocols that rely on trust relationships as little as possible. It is significantly easier for attackers to run spoofing attacks when trust relationships are in place because trust relationships only use IP addresses for authentication.

3.  Use spoofing detection software: There are many programs available that help organizations detect spoofing attacks, particularly ARP spoofing. These programs work by inspecting and certifying data before it is transmitted and blocking data that appears to be spoofed.

4.  Use cryptographic network protocols: Transport Layer Security (TLS), Secure Shell (SSH), HTTP Secure (HTTPS), and other secure communications protocols bolster spoofing attack prevention efforts by encrypting data before it is sent and authenticating data as it is received

 

Ahmed Mohamad Mohamad Elsherbeny
par Ahmed Mohamad Mohamad Elsherbeny , Head of team , Egypt Penetration Testers

In the context of Network Security, a spoofing attack is a situation in which attacker or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

Types are such:

  1. Most known network spoofing attacks are (ARP spoofing and IP address spoofing)
  2. File sharing poisoning
  3. Email adddress Spoofing
  4. Websites Spoofing
  5. Caller ID spoofing
  6. GPS spoofing

Even most of the network protocols can fall victims for a spoofing attacks because they lack a mechanisms for authentication, but the most used by attackers are ARP and IP address as mentioned before.

 

Each type has a way to defenbd against spoofing attacks. "This will require alot of reading from you" ;D

Huda Baloum
par Huda Baloum , Administration Supervisor , Jordan Golden Jewel Co.

It is mocking and could be prevented by forcing respect and avoiding kidding.

More Questions Like This