
Spoofing

Spoofing. Keegan Haukaas, Samuel Robertson, Jack Murdock. Overview. Email Spoofing IP Spoofing Web Spoofing. Email Spoofing. Pretending to send an email from someone else. Reasons for Email Spoofing. Hide Identity Impersonate Company or Authority. How to Spoof an Email.


Presentation Transcript


  1. Spoofing Keegan Haukaas, Samuel Robertson, Jack Murdock

  2. Overview • Email Spoofing • IP Spoofing • Web Spoofing

  3. Email Spoofing • Pretending to send an email from someone else

  4. Reasons for Email Spoofing • Hide Identity • Impersonate Company or Authority

  5. How to Spoof an Email • SMTP functions • Insert commands in headers

  6. Examples • Posing as a Bank • Posing as Facebook • Posing as Relative

  7. Mitigating Email Spoofing • Look at address • Read through message • Check links against legitimate site

  8. Reporting Email Spoofing • Legitimate Company/Person • Federal Trade Commission: spam@uce.gov

  9. IP Spoofing • IP spoofing is when the IP source address is changed in the packet header • Legitimate uses of IP Spoofing: Website Testing • Illegitimate uses of IP Spoofing • DoS • Gain entry to System

  10. IP Spoofing (cont.) • Nmap • ipconfig /all • nmap --iflist • nmap -e eth7 -S 10.154.14.138 10.25.17.45 • Defense against IP Spoofing • Packet Filtering • DO NOT rely only on IP address to gain access

  11. Web Spoofing • General techniques: • Similar URL • Copy Site design/code • “Malvertising”

  12. Similar URL • Mistyping • Favebook vs Facebook • Alternate Top-Level Domains • Whitehouse.gov vs Whitehouse.com • Countermeasures: • Purchase the alternate domain, check spelling, check security certificate

  13. Design Hijacking • Copies all (or all accessible) HTML, CSS, JavaScript, etc. • Incorporates design into new site • Most likely also uses a spoofed/similar URL • Check for Security Certificate/HTTPS • Websites need to be verified in some way to be granted a certificate • Countermeasures: • Code obfuscation, closed-source, HTTPS, etc.

  14. Malvertising • Stands for Malicious Advertising • Exploits ads in sites • Attacker puts up “clean” ads, gains reputation • Then injects malicious code into advertisements • “Drive-by” style attacks, or click activation • Attacker hacks site, injects code into banner ads • Countermeasures: • Install AdBlock, don’t click on ads, avoid sites with intrusive/pop-up ads, check site’s reputation

  15. Summary • Email Spoofing • IP Spoofing • Web Spoofing

  16. Q & A
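The "check spelling" and alternate top-level-domain countermeasures from slide 12 (Similar URL) can be automated. The following is an added example, not part of the original presentation; the allowlist, the function names and the two-typo threshold are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): the sites the user really means to visit.
TRUSTED = {"facebook.com", "whitehouse.gov"}

def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(url):
    """Lower-cased hostname of a URL or bare domain, without a leading 'www.'."""
    parts = urlsplit(url if "://" in url else "//" + url)
    host = (parts.hostname or "").rstrip(".")
    return host[4:] if host.startswith("www.") else host

def classify(url, trusted=TRUSTED, max_typos=2):
    """Return (verdict, trusted domain the host matches or resembles)."""
    host = host_of(url)
    if not host:
        return ("invalid", None)
    for good in trusted:
        # Exact match or a genuine subdomain of a trusted domain.
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    name, _, tld = host.rpartition(".")
    for good in sorted(trusted):
        good_name, _, good_tld = good.rpartition(".")
        if name == good_name and tld != good_tld:
            return ("alternate-tld", good)   # whitehouse.com vs whitehouse.gov
        if edit_distance(host, good) <= max_typos:
            return ("typo", good)            # favebook.com vs facebook.com
    return ("unknown", None)

if __name__ == "__main__":
    for url in ("https://www.facebook.com/", "http://www.favebook.com/login",
                "whitehouse.com", "https://example.org/"):
        print(url, "->", classify(url))
```

An "unknown" verdict only means the host does not resemble anything on the allowlist; it says nothing about whether the site is safe.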
