Spoofing

Rafael Sabino
10/28/2004

Introduction
  • What is spoofing?
  • Context and Security relevant decisions
  • Phishing
  • Web spoofing
  • Remedies
What is Spoofing?
  • Dictionary.com definitions:
    • To deceive
    • A hoax
Security Relevant Decisions
  • Decisions that can lead to undesirable results
  • Examples:
    • Accepting data as being true and accurate
    • The browser, text, and pictures
    • Names of objects
    • Timing of events
Context Spoofing (Examples)
  • http://www.antiphishing.org/phishing_archive.html
Context Spoofing
  • Spoofed emails have upwards of 20% success rates
  • Costs billions of dollars to the industry
  • Brand names attacked:
    • Microsoft MSN
    • Citigroup
    • Wachovia
    • Bank of America
    • Yahoo!
    • Ebay
    • Paypal
  • Unauthorized Surveillance
  • Tampering
  • Identity theft
What is Web Spoofing?
  • Creating a shadow copy of the World Wide Web
  • The shadow copy is funneled through the attacker's machine
  • Data tampering
Web Spoofing Attack
  • The physical world can also be spoofed
  • Security relevant decisions and context
How does the Attack Work?
  • Step 1: Rewriting the URL
  • Example:
    • home.netscape.com
    • www.attacker.com/http://home.netscape.com
How does the Attack Work?
  • Sequence shown in the slide's diagram:
    1. Request spoof URL
    2. Request real URL
    3. Real page
    4. Change page
    5. Spoofed page
How does the Attack Work?
  • Once the attacker's server has fetched the real URL, it modifies all the links in the page
  • The rewritten page is provided to the victim's browser
  • This funnels all information through the attacker's server
  • Is it possible to spoof the whole web?
  • Submitted data goes to the attacker's server
  • Allows for tampering
  • The attacker can also modify the returned data
“Secure” Connections
  • Everything will work the same
  • Secure connection indicator will be turned on
  • Secure connection is with attacker’s server
  • “Secure” connections are a false sense of security
Starting the Attack
  • Put links in popular places:
    • Emails
    • Search engines
Completing the Illusion
  • There are cues that can destroy the illusion:
    • Status line
    • Location line
    • Viewing document source
  • These can be virtually eliminated
Status Line
  • Displays the URL a link points to
  • Displays the name of the server being contacted
  • JavaScript is the attacker's solution
Location Line
  • Displays the URL of the current page
  • The user can type in any URL
  • JavaScript is the attacker's solution
Viewing Document Source
  • The menu bar allows the user to see a page's source
  • JavaScript can be used to create a fake menu bar
Tracing the Attacker
  • Possible if the attacker uses his/her own machine
  • Stolen computers are used to launch attacks
  • Hacked computers are used as well
What can we do?
  • Short-term solution:
    • Disable JavaScript
    • Keep the location line visible
    • Pay attention to the location line
  • Be selective with the browser features you enable
What can we do?
  • Do not reply to, or click on, a link that leads you to a web page asking you for information.
  • Look for the presence of a padlock and https://. Both must be present for a connection to be secure.
  • Keep up with updates
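As an added example, not part of Sabino's slides, the following Python function applies the two cues the deck gives a user: the rewritten-URL pattern from the attack steps (www.attacker.com/http://home.netscape.com) and the https/padlock test from this slide. It also encodes the deck's own caveat that https to the wrong server is still a spoofed connection, so the decisive check is whether the host actually contacted is the one the user intends. The expected-host set is a constructed sample; the function name and return fields are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Constructed sample policy: the site the user actually intends to reach.
# A real tool would take this from the user's bookmarks or an allow-list.
EXPECTED_HOSTS = {"home.netscape.com"}

_SCHEME_RE = re.compile(r"^[a-zA-Z][a-zA-Z0-9+.-]*://")
_EMBEDDED_URL_RE = re.compile(r"https?://[^/?#\s]+", re.IGNORECASE)


def _host_matches(host, expected_hosts):
    """True if host is one of the expected hosts or a subdomain of one."""
    return any(host == h or host.endswith("." + h) for h in expected_hosts)


def analyze_url(url, expected_hosts=EXPECTED_HOSTS):
    """Inspect a URL the way a cautious user should read the location line.

    Returns a dict with:
      host           the server the browser would really contact
      https          whether the connection to *that* server is https
      embedded_host  hostname of an absolute URL hidden after the path, as in
                     www.attacker.com/http://home.netscape.com (None if absent)
      host_ok        whether `host` is one of the expected hosts
      findings       human-readable reasons the URL is suspicious
    """
    # Browsers accept scheme-less input ("home.netscape.com"); treat it as http.
    if not _SCHEME_RE.match(url):
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    https = parts.scheme.lower() == "https"
    findings = []

    # 1. The rewriting pattern from the slides: a complete URL for the real
    #    site appended after the attacker's hostname. Everything after the
    #    authority component is searched, so query strings are covered too.
    after_authority = parts.path + "?" + parts.query + "#" + parts.fragment
    embedded_host = None
    m = _EMBEDDED_URL_RE.search(after_authority)
    if m:
        embedded_host = (urlsplit(m.group(0)).hostname or "").lower()
        findings.append(
            f"URL for {embedded_host} is embedded after host {host}; "
            f"all traffic would be funneled through {host}"
        )

    # 2. The padlock test from the slides. The deck's own caveat applies:
    #    https only says the connection to `host` is encrypted, not that
    #    `host` is the site the user meant to reach.
    if not https:
        findings.append("connection is not https")

    # 3. The check that actually defeats web spoofing: is the contacted
    #    server the one the user intends to reach?
    host_ok = _host_matches(host, expected_hosts)
    if not host_ok:
        findings.append(f"{host} is not an expected host")

    return {
        "host": host,
        "https": https,
        "embedded_host": embedded_host,
        "host_ok": host_ok,
        "findings": findings,
    }


if __name__ == "__main__":
    for sample in (
        "home.netscape.com",
        "www.attacker.com/http://home.netscape.com",
        "https://www.attacker.com/http://home.netscape.com",
    ):
        print(sample, "->", analyze_url(sample)["findings"])
```

Running the block on the deck's two example URLs shows the point of the "Secure" Connections slide: the https variant of the rewritten URL passes the padlock test but still reports that the real site's URL is embedded after the attacker's host and that the contacted host is not the expected one.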
What can we do?
  • Check your bank / credit card statements
  • To report suspicious activity, send email to the Federal Trade Commission: uce@ftc.gov
  • If you are a victim, file a complaint at www.ftc.gov
References
  • www.antiphishing.com
  • http://www.cs.princeton.edu/sip/pub/spoofing.html
  • Gary McGraw and Edward W. Felten. Java Security: Hostile Applets, Holes and Antidotes. John Wiley and Sons, New York, 1996.