In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.
Spoofing and TCP/IP
Many of the protocols in the TCP/IP suite do not provide mechanisms for authenticating the source or destination of a message. They are thus vulnerable to spoofing attacks when extra precautions are not taken by applications to verify the identity of the sending or receiving host. IP spoofing and ARP spoofing in particular may be used to leverage man-in-the-middle attacks against hosts on a computer network. Spoofing attacks which take advantage of TCP/IP suite protocols may be mitigated with the use of firewalls capable of deep packet inspection or by taking measures to verify the identity of the sender or recipient of a message.
Referrer spoofing
Some websites, especially pornographic paysites, allow access to their materials only from certain approved (login-) pages. This is enforced by checking the referrer header of the HTTP request. This referrer header however can be changed (known as "referrer spoofing" or "Ref-tar spoofing"), allowing users to gain unauthorized access to the materials.
Poisoning of file-sharing networks
"Spoofing" can also refer to copyright holders placing distorted or unlistenable versions of works on file-sharing networks, to discourage downloading from these sources.
Caller ID spoofing
In public telephone networks, it has for a long while been possible to find out who is calling you by looking at the Caller ID information that is transmitted with the call. There are technologies that transmit this information on landlines, on cellphones and also with VoIP. Unfortunately, there are now technologies (especially associated with VoIP) that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless. Due to the distributed geographic nature of the Internet, VoIP calls can be generated in a different country to the receiver, which means that it is very difficult to have a legal framework to control those who would use fake Caller IDs as part of a scam.[1]
Voice Mail Spoofing and How to Protect Yourself From Unauthorized Access
Main article: Voice Mail spoofing
Spoofing technology enables someone to make it seem as though they are calling from your telephone when they are not. The use of this technology for deceptive purposes is illegal.
In order to prevent unauthorized voicemail access from fraudulent activity such as caller ID spoofing, you should continue to use the voicemail passcode established when you set up your account. If you decide to skip using the voicemail passcode established when you set up your account, your voice mail messages can be vulnerable to unauthorized access with spoofing.
In most cases, you can change a voicemail passcode or adjust settings to re-enable the use of a passcode for retrieving messages, just access your voicemail and follow the prompts.
This information was found within the self-service feature of Sprint Zone in user's cell phone when selecting the option, Device Tips and Tricks, then, Voice Mail & Device Security.
E-mail address spoofing
The sender information shown in e-mails (the "From" field) can be spoofed easily. This technique is commonly used by spammers to hide the origin of their e-mails and leads to problems such as misdirected bounces (i.e. e-mail spam backscatter).
E-mail address spoofing is done in quite the same way as writing a forged return address using snail mail. As long as the letter fits the protocol, (i.e. stamp, postal code) the SMTP protocol will send the message. It can be done using a mail server with telnet.[2]
GPS Spoofing
A GPS spoofing attack attempts to deceive a GPS receiver by broadcasting a slightly more powerful signal than that received from the GPS satellites, structured to resemble a set of normal GPS signals. These spoofed signals, however, are modified in such a way as to cause the receiver to determine its position to be somewhere other than where it actually is, specifically somewhere determined by the attacker. Because GPS systems work by measuring the time it takes for a signal to travel from the satellite to the receiver, a successful spoofing requires that the attacker know precisely where the target is so that the spoofed signal can be structured with the proper signal delays. A GPS spoofing attack begins by broadcasting a slightly more powerful signal that produces the correct position, and then slowly deviates away towards the position desired by the spoofer, because moving too quickly will cause the receiver to lose signal lock altogether, at which point the spoofer works only as a jammer. It has been suggested that the capture of a Lockheed RQ-170 drone aircraft in northeastern Iran in December, 2011, was the result of such an attack.[3] GPS spoofing attacks had been predicted and discussed in the GPS community previously, but no known example of a malicious spoofing attack has yet been confirmed.[4][5][6]
See also
- Protocol spoofing, the benign simulating of a protocol in order to use another, more appropriate one.
- IP address spoofing
- Stream cipher attack
- LAND attack
References
- ^ Schneier, Bruce (3 March 2006). "Caller ID Spoofing". schneier.com. Retrieved 16 January 2011.
- ^ Gantz, John; Rochester, Jack B. (2005). Pirates of the Digital Millennium. Upper Saddle River, NJ 07458: Prentice Hall. ISBN 0-13-146315-2.
- ^ Scott Peterson; Payam Faramarzi (December 15, 2011). "Exclusive: Iran hijacked US drone, says Iranian engineer". Christian Science Monitor.
- ^ Wen, Hengqing; Huang, Peter; Dyer, John; Archinal, Andy; Fagan, John (2004). "Countermeasures for GPS signal spoofing". University of Oklahoma. Retrieved 16 December 2011.
- ^ Humphreys, T.E.; Ledvina, B. M.; Psiaki, M.; O'Hanlon, B. W.; Kintner, P.M. (2008). "Assessing the Spoofing Threat: Development of a Portable GPS Civilian Spoofer". ION GNSS. Retrieved 16 December 2011.
- ^ Jon S. Warner; Roger G. Johnston (December 2003). GPS Spoofing Countermeasures. Homeland Security Studies and Analysis Institute.
