Spoofing attacks are done by tricking the target by pretending that they are trustworthy hosts. this technique is used to gain access to a computer or system, attacker deceives by stating that he is a trusted host who can help target needs, when the target is deceived the attacker will use the target data and information to access the target system and take advantage of the system that was successfully hacked.
Some forms of spoofing attacks are often used :
Many forms of Spoofing attacks are carried out by hackers but the three forms of attacks above are often carried out by hackers
MITM or Man-In-The-Middle is a form of attack by eavesdropping, the attacker creates an independent connection with the target and relay messages between them, thus making them believe that they are talking directly to each other with a personal connection,But in reality the whole conversation was being controlled by the attacker.The thing done by the attacker is holding back the message that happened and changing all the messages
Basic concept of this attack in general is that the attacker is in the middle or between two computers that are communicating, so that technically it allows the attacker to see, change and control the data sent between the two computers.
Routing redirect is a form of attack by retrieving data sent by the tager, the attacker changes the location of the data sent by the target to his location. Usually the target of this attack is data sent via email, company router network, and company wifi network which aims to get information from the data sent by the target.
Understanding the word redirect is (re = back and direct = direction) which means the attacker is carrying or changing the target data transmission path to him
Source routing technique in some cases is a legal activity. For example, this technique can be used to find a router IP address on the network. Abuse of this technique is used by attackers to learn the ins and outs of the network to be attacked. Data will contain information about which routes and websites have been passed,
The attacker sends data to the network to collect and obtain information about the network topology used by the target. If the source routing is successful, the attacker can get the target network path and can search for actions that have been carried out by the target and then the attacker can steal all information that the target has left, such as accounts, uploaded data and data sent by the target.
Prevention of web spoofing
2. Ensure that the browser’s location line is always visible.
3. Pay attention to the URL displayed on the browser’s location line to make sure the URL refers to the server of the actual site visited.
Prevention of DNS spoofing
DNS spoofing can be overcome by disabling recursive queries to name servers by making split DNS, which is to create two name servers. The main name server is used to handle the domain name from the public domain, while the second name server in the internal network is the cache name server that is responsible for answering queries from the user requesting the domain
Prevent ARP Spoofing
1. Check MAC Address using Colasoft MAC Scanner tools.
2. Scan the network, if there are 2 pieces of the same IP Address with the client’s broken gateway from the network then scan the virus using an antivirus that has up-to-date virus databases.
3. After virus scanning, this closing step is done, open the Prom Command then type: arp –s ip_address_gateway mac_address_gateway then press the Enter key
Prevent IP Spoofing
1. Installing filters on routers by utilizing “Ingress and Engress filtering” on routers is the first step in defending itself from spoofing.
2. Our encryption and authentication can also overcome IP spoofing by implementing data authentication and encryption.