SPOOFING...!!!

Spoofing simply means replacing original data with fake data. It can be done in several areas:


1) IP spoofing

2) Web page or URL spoofing

3) Mail ID spoofing

4) MAC address spoofing


IP spoofing is done simply by replacing the original IP address with a fake one, which many software tools can do.
This is mainly done when the attacker needs to listen to the packets flowing between two users on the network, known simply as a 'MAN IN THE MIDDLE' attack. Here the attacker poses as a legitimate user and gets his data from the responder.


URL spoofing is otherwise well known as 'PHISHING'. Here the attacker puts in a little more effort to get his data from the victim. The attacker needs to design a web page that looks and feels similar to the original web page; this can be done in just a few minutes by grabbing the source code. They then only need to edit the source code to change the destination link and the database link, and host the page on a different server, possibly even for free. Whenever you click a link, please look at the address bar and also at the loading bar in the bottom-left corner of the browser; if you find a different web page name rather than the registered website, please don't submit your data to it. This phishing attack is mainly done against online banking websites and mail providers' websites.


Mail ID spoofing is another commonly used and easy technique. Again, this can be done with many software tools that are free of cost. Also, if a site has configured its mail server to allow connections to the SMTP port, anyone can connect to the SMTP port of that site and (in accordance with that protocol) issue commands that will send email that appears to be from the address of the individual's choice; this can be a valid email address or a fictitious address that is correctly formatted.

The most common mail, which everyone has received at least once, is "Congratulations, you have won 10000000 US DOLLARS", which is one type of spam, but the senders still use a spoofed ID to pass themselves off as a legitimate company.
To check this, if you are a Gmail user, open the mail, look for the down arrow next to Reply and choose 'SHOW ORIGINAL'. It shows the message ID, authentication details, the domain name of the SMTP server and other details about the user. If you study the headers a bit, you can come to a conclusion. This is a bit hard for non-technical people, but it is still a way to find out.
ADVICE: Never reply to unfamiliar mails. No one is going to give money for doing nothing, so please ignore those.
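
As an added example (not from the original post), the header check described above can be scripted: this Python code reads a raw message as shown by 'Show original' and reports the message ID, the SPF/DKIM/DMARC verdicts and whether the From domain matches the Return-Path domain. The sample message, its domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real e-mail); every name and domain is a placeholder.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [203.0.113.7])
        by mx.example.org with ESMTP id abc123
Authentication-Results: mx.example.org;
        spf=softfail smtp.mailfrom=mailer.example.net;
        dkim=none;
        dmarc=fail header.from=bank.example.com
Message-ID: <20240101.1234@mailer.example.net>
From: "Your Bank" <support@bank.example.com>
To: user@example.org
Subject: congratulation you have won

Reply to claim your prize.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def check_headers(raw):
    """Pull out the details 'Show original' exposes and list what looks wrong."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    env_dom = domain_of(msg["Return-Path"])
    # Verdicts recorded by the receiving server, e.g. "spf=pass; dkim=pass".
    auth = " ".join(msg.get_all("Authentication-Results", []))
    found = re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth, re.I)
    results = {method.lower(): verdict.lower() for method, verdict in found}
    warnings = []
    # A mismatch is only a hint: legitimate bulk senders also use other bounce domains.
    if env_dom and env_dom != from_dom:
        warnings.append(f"From domain {from_dom} != Return-Path domain {env_dom}")
    for method in ("spf", "dkim", "dmarc"):
        verdict = results.get(method, "missing")
        if verdict != "pass":
            warnings.append(f"{method}={verdict}")
    return {"message_id": msg["Message-ID"], "from": from_dom,
            "return_path": env_dom, "results": results, "warnings": warnings}

if __name__ == "__main__":
    report = check_headers(SAMPLE)
    print("Message-ID:", report["message_id"])
    for warning in report["warnings"]:
        print("WARNING:", warning)
```

Only trust the Authentication-Results header added by your own mail provider; one that arrived with the message can be forged like any other header.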


MAC address spoofing: yes, believe me, it is possible. Some people say that we can't change the physical address of the NIC, i.e. the MAC address, but that's wrong.
On Microsoft's OS it is possible simply by changing a value for the network driver in the registry.
How to do it in XP?

a) Go to Start -> Run, type "regedt32" to start registry editor. Do not use "Regedit".


b) Go to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}". Double-click on it to expand the tree. The subkeys are 4-digit numbers, which represent particular network adapters. You should see that they start with 0000, then 0001, 0002, 0003 and so on.


c) Find the interface you want by searching for the proper "DriverDesc" key.


d) Edit, or add, the string key "NetworkAddress" (has the data type "REG_SZ") to contain the new MAC address.


e) Disable then re-enable the network interface that you changed (or reboot the system).
or
simply use a tool to do this. Google it and also let me know.


In LINUX

It's only a three-step process:

a) Bring your interface down: ifconfig eth0 down

b) Enter the new MAC address: ifconfig eth0 hw ether 00:00:00:11:11:11 (or any other address)

c) Bring the interface back up: ifconfig eth0 up


About MAC OS

Under Mac OS X, the MAC address can be altered in a fashion similar to the Linux and FreeBSD methods:
   sudo ifconfig en0 lladdr 00:01:02:03:04:05
or
   sudo ifconfig en0 ether 00:01:02:03:04:05 
