1 / 13

Address Spoofing, DoS, and VoIP

Address Spoofing, DoS, and VoIP. Groups 5 and 6. Spoofing, DoS, and VoIP. MAC Address Spoofing IP Spoofing DNS Spoofing TCP Spoofing DoS E-mail Spoofing VoIP Vulnerabilities. MAC Address Spoofing. Windows: Control Panel setting Linux: ifconfig eth0 hw ether <fake address>

nikkos
Download Presentation

Address Spoofing, DoS, and VoIP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Address Spoofing, DoS, and VoIP Groups 5 and 6

  2. Spoofing, DoS, and VoIP • MAC Address Spoofing • IP Spoofing • DNS Spoofing • TCP Spoofing • DoS • E-mail Spoofing • VoIP Vulnerabilities

  3. MAC Address Spoofing • Windows: Control Panel setting • Linux: • ifconfig eth0 hw ether <fake address> • Detection: arpwatch

  4. IP Spoofing • wINJECT • Fraggle • Stream • Detection: • Monitor traffic at border gateways

  5. DNS Spoofing • dsniff • Add to hostfile: • <your IP> <domain name> • dsniff –i eth0 –f hostfile

  6. DNS Spoofing • Early warning: • DoS slowing down valid DNS responses • Prevention: • Eventually, DNSSEC • Now: • Server – SSL • Client – check SSL certificate or use whois to confirm IP address

  7. TCP Spoofing • Invading the Three-Way Handshake • A DoS attack: tcpkill • Other dangers: SMTP • No need to be on network • Defenses: • Border routers should filter improper IP’s • What if hacker is on the network?

  8. TCP Spoofing (cont.) • Defense: Don’t get denied service!

  9. DoS Attacks • Datapool: 106 DoS attacks • Synful: SYN attack • Teardrop: fragments • UDPflood • Extra Attacks: Were any effective? • Defenses hard to generalize

  10. E-mail Spoofing Causes • SMTP protocol does not authenticate • Can include arbitrary FROM: address • Mail servers become open relay for spammers Solutions • SMTP AUTH extension • Certified Server Validation (CSV) and Sender Policy Framework (SPF) Protocols • Verify sender’s IP address with DNS entry

  11. VoIP Security • Sound data transmitted unencrypted • Vomit • Ethereal output to .wav conversion • SIP supports encryption (S-RTP) • Voice over IP Security Alliance (VOIPSA)

  12. Sources • http://www.dnssec.net/ • http://www.iglu.org.il/august/tcp-spoofing-html/ • http://www.csvmail.org/ • http://www.openspf.org/ • http://www.voipsa.org/

  13. Questions ?

More Related