The word spoof means “to hack” or “to deceive”. Spoofing is a technique that disguises communication from an unknown source so that the communication appears to start from a trusted and known source. It gives an unauthorized person access to a system, and it looks secure at the initial level because the communication appears to start with a trusted source.
In a spoofing attack, the invader sends a message to the computer that he/she wants to spoof, and the user of that computer accepts the message because it appears to come from a trusted source. The invader must first find the IP address and then send a message to the system. The invader uses multiple methods to find IP addresses.
Methods of spoofing
- IP spoofing
- Email spoofing
- Web spoofing
- DNS spoofing
- ARP spoofing
IP spoofing is used to get unauthorized access to a computer. The invader sends the computer a packet that appears to come from a trusted source. To do this successfully, the invader has to do many things:
- The invader has to set a target and obtain it.
- Search for and obtain the IP address of a trusted machine.
- After obtaining the IP address, stop the communication of that machine with other devices and machines.
- The next step is to maintain a connection between the target and the trusted machine found during research.
- Try to get the machine’s sequence number.
- The next step is to change the headers of the packets to be sent so that they seem to be original and the invader can easily hack that system.
- Next, the invader develops a connection to any port which is authenticated. Authentication of the port is an essential step to assure the target that the connection is secure and safe.
- After the successful implementation of all the above-mentioned steps, the final step is the formation of backdoor access.
This method of spoofing has a drawback: system “C” attacks system “A” blindly. It is unable to see the responses of system “A” because it attacks system “A” through system “B”.
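Because IP spoofing depends on a packet that carries a trusted machine's source address, a border device can reject packets whose source address cannot be valid for the interface they arrive on. The following is an added example, not code from the original page; the internal prefix, the interface names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Assumed site layout, constructed for this example.
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
# Source ranges that are never legitimate on a packet arriving from outside.
BOGON_SOURCES = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4", "240.0.0.0/4")]


def check_source(interface, src):
    """Return (action, reason) for a packet seen on 'external' or 'internal'."""
    addr = ipaddress.ip_address(src)
    inside = any(addr in net for net in INTERNAL_NETS)
    if interface == "external":
        # A trusted internal address can never legitimately arrive from outside.
        if inside:
            return ("drop", "internal source address arriving from outside")
        if any(addr in net for net in BOGON_SOURCES):
            return ("drop", "source address is never valid on the wire")
        return ("accept", "plausible external source")
    if interface == "internal":
        # Egress check: local hosts may only send with their own addresses.
        if not inside:
            return ("drop", "local host sending with a foreign source address")
        return ("accept", "source belongs to the internal network")
    raise ValueError("unknown interface: " + interface)


# Constructed sample packets: (arrival interface, claimed source address).
PACKETS = [
    ("external", "203.0.113.9"),   # ordinary outside host
    ("external", "10.20.5.7"),     # claims to be a trusted internal machine
    ("external", "127.0.0.1"),     # loopback address as source
    ("internal", "10.20.5.7"),     # genuine internal host
    ("internal", "198.51.100.4"),  # internal host using a foreign source
]


def classify(packets):
    return [check_source(iface, src)[0] for iface, src in packets]


if __name__ == "__main__":
    for (iface, src), action in zip(PACKETS, classify(PACKETS)):
        print(iface, src, action)
```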
In email spoofing, the invader spoofs a system or information through email. The system to be attacked receives an email that seems to be from a trusted source, but in reality it is from the invader or hacker. This method of spoofing is not only used for hacking; it is also used to spread viruses, to extract sensitive business data, etc.
When a person receives a letter at their email address, he/she is unable to recognize whether it is from an authenticated source or not. The reason is that the letter carries an email address and a name in the top left corner, and it also has a return address. The invader adds all these addresses and names for reasons such as:
- The email which the invader wants to send is a spam email, and the sender doesn’t want to face the anti-spam rules.
- The invader adds the name of someone the recipient knows, because people usually avoid emails from unknown people or unknown sources.
- The invader is trying to cause problems for a person by pretending to be that person.
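The name, address and return address described above can be cross-checked against each other and against the verdicts the receiving mail server records. The following is an added example, not code from the original page; the function names, finding labels and sample messages are assumptions constructed for illustration, and a finding is an indicator rather than proof.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(addr):
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw_message):
    """List reasons the visible sender may not be the real one."""
    msg = message_from_string(raw_message)
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(from_addr)
    findings = []
    # The return address and reply address normally share the From domain.
    for header in ("Return-Path", "Reply-To"):
        _, addr = parseaddr(msg.get(header, ""))
        if addr and domain_of(addr) != from_dom:
            findings.append(header.lower() + "-domain-mismatch")
    # A display name showing an address from another domain hides the real one.
    shown = re.search(r"[\w.+-]+@([\w.-]+)", display)
    if shown and shown.group(1).lower() != from_dom:
        findings.append("display-name-shows-other-address")
    # Verdicts recorded by the receiving server (Authentication-Results header).
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)",
                               msg.get("Authentication-Results", "")))
    for mech in ("spf", "dkim", "dmarc"):
        if verdicts.get(mech, "none") != "pass":
            findings.append(mech + "-" + verdicts.get(mech, "none"))
    return findings

# Constructed sample messages (all domains are reserved test names).
LEGIT = (
    "Return-Path: <alice@example.com>\n"
    "Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass\n"
    'From: "Alice Smith" <alice@example.com>\n\nSee attached.\n')
FORGED = (
    "Return-Path: <bounce@bulk-sender.invalid>\n"
    "Reply-To: <alice.smith@freemail.invalid>\n"
    "Authentication-Results: mx.recipient.example; spf=pass; dkim=none; dmarc=fail\n"
    'From: "Alice Smith" <alice@example.com>\n\nPlease reply today.\n')
DISGUISED = (
    "Return-Path: <promo@bulk-sender.invalid>\n"
    "Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass\n"
    'From: "alice@example.com" <promo@bulk-sender.invalid>\n\nHi.\n')

if __name__ == "__main__":
    for name, raw in (("legit", LEGIT), ("forged", FORGED), ("disguised", DISGUISED)):
        print(name, spoof_indicators(raw))
```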
Web spoofing is basically the alteration of data or information viewed by the victims. This is the most dangerous type of spoofing because the invader can collect sensitive information such as credit card numbers, phone numbers, addresses, passwords, etc.
It can work on both Internet Explorer and Netscape. Connections that provide security do not prevent it either. A protocol known as SSL is essential for websites to be authenticated, but the invader can change any information or form on a website even when the browser is displaying a secure connection.
There are two ways to implement this spoof.
- The invader makes changes so that all pages shown to the victim go through the invader’s server. Moreover, whenever the victim tries to load a new page, that page also comes from the invader’s server. In this way, the attack continues on the next page.
DNS spoofing is basically the successful editing or addition of wrong information using a host that is not authorized to provide that information. It is possible using multiple techniques; the invader diverts the user from the intended website to some other unwanted link that is harmful and a source of viruses. The majority of DNS servers available on the internet are vulnerable to spoofing.
The invader targets a DNS server with the aid of the customer and then changes the record as he/she wishes. After that, when the user queries the required DNS server, he/she gets the record that was updated by the invader.
ARP stands for “Address Resolution Protocol”. It is a protocol frequently used by IP to map IP addresses to hardware (MAC) addresses. The purpose of ARP spoofing is to associate the invader’s “MAC address” with the IP address of another host. In this type of spoofing, the invader is able to make changes to the packets of a network and can also affect the traffic easily.
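Since ARP spoofing works by binding another host's IP address to the invader's MAC address, it can be detected by watching for an IP address that suddenly maps to a different MAC, or for one MAC that claims several IP addresses. The following is an added example, not code from the original page; the function names and the observation records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed observations taken from ARP replies: (time, sender IP, sender MAC).
OBSERVED = [
    (1, "192.168.1.1", "aa:aa:aa:00:00:01"),   # gateway
    (2, "192.168.1.20", "aa:aa:aa:00:00:20"),
    (3, "192.168.1.30", "aa:aa:aa:00:00:30"),
    (4, "192.168.1.1", "AA:AA:AA:00:00:30"),   # host .30's MAC claims the gateway IP
    (5, "192.168.1.1", "aa:aa:aa:00:00:01"),   # real gateway answers again
]


def detect_rebinding(observations, static_bindings=None):
    """Return (time, ip, known_mac, claimed_mac) for each conflicting ARP reply."""
    bindings = dict(static_bindings or {})
    alerts = []
    for ts, ip, mac in observations:
        mac = mac.lower()
        known = bindings.get(ip)
        if known is None:
            bindings[ip] = mac          # first sighting: learn the binding
        elif known != mac:
            # Keep the original binding so the conflicting claim cannot replace it.
            alerts.append((ts, ip, known, mac))
    return alerts


def macs_claiming_many_ips(observations, threshold=2):
    """Return {mac: sorted IPs} for MACs seen answering for several IP addresses."""
    claimed = defaultdict(set)
    for _, ip, mac in observations:
        claimed[mac.lower()].add(ip)
    return {mac: sorted(ips) for mac, ips in claimed.items() if len(ips) >= threshold}


if __name__ == "__main__":
    for alert in detect_rebinding(OBSERVED):
        print("rebinding:", alert)
    print("multi-IP MACs:", macs_claiming_many_ips(OBSERVED))
```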