What is Sniffing and Spoofing


Sniffing and Spoofing are security threats that target the lower layers of the networking infrastructure supporting applications that use the Internet. Users do not interact directly with these lower layers and are typically completely unaware that they exist. Without a deliberate consideration of these threats, it is impossible to build effective security into the higher levels. If the network packets are not encrypted, the data within the network packet can be read using a sniffer.
Sniffing data from the network leads to loss of privacy of several kinds of information that should be private for a computer network to be secure. These kinds of information include the following:

  •  Passwords
  •  Financial account numbers
  •  Private data
  •  Low-level protocol information

Packet sniffing captures network traffic at the Ethernet frame level. Such a network attack starts with a tool such as Wireshark. Wireshark allows you to capture and examine data that is flowing across your network. Any data that is not encrypted is readable, and unfortunately, many types of traffic on your network are passed as unencrypted data — even passwords and other sensitive data. We will discuss about wireshark in the other posts.

Spoofing is an active security attack which involves masking the IP address of a certain computer system. By hiding or faking a computer’s IP address, it is difficult for other systems to determine where the computer is transmitting data from. Because IP spoofing makes it difficult to track the source of a transmission, it is often used in denial-of-service attacks that overload a server. This may cause the server to either crash or become unresponsive to legitimate requests. Fortunately, software security systems have been developed that can identify denial-of-service attacks and block their transmissions.

IP spoofing-based DoS attacks are relatively straightforward. An attacker sends a packet to the target host with a forged IP address (SYN). The targeted host sends an acknowledgement (ACK) and waits for a response. The response never comes, and these unanswered queries remain in the buffer of the targeted device. If enough spoofed queries are sent, the buffer will overflow and the network device will become unstable and crash.

Phone number spoofing: Anyone can fake the number or area code of from where they are calling. This type of spoofing is done by telemarkers to hide their true identity and by hackers to gain access to unprotected phone voicemail messages.

As see you, there’s no much difference between them. The final goal of these attacks would be reaching your target and attacking the target.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s