Page 1 of 1
- FreeBooterSite Admin
OS : Windows 10
Arch. : x64 (64-bit)
Anti-Malware : ESET Smart Security
Posts : 2124
Rubies : 837079
Likes : 211
What are IP and DNS Spoofing Attacks
The basis of spoofing involves masquerading as a trusted system in order to gain unauthorized access to a secure environment. IP spoofing involves modifying data to make it appear to originate from the IP address of a system that is trusted by a server or firewall. Using this approach, a host is able to pass through the IP filtering that would otherwise serve to prevent access.
The objective of IP Spoofing is to gain unauthorized access to a server or service. DNS Spoofing differs in that the objective is send users to a different location than the one they thought they were going to. Take, for example, a user who goes to their bank's web site to perform online banking transactions (such as paying bills etc). The user enters the web address (URL) of their bank into a browser. The browser contacts a Domain Name Server (DNS) which looks up the IP address which matches the URL. The user is then taken to the site located at that IP address where they enter their login and password. DNS spoofing involves the DNS server being compromised such that the bank URL is set to point to the IP address of a malicious party where a web site that looks just like the real bank site has been set up. Now when the user enters the URL in a browser they are taken to the fake web site where their login and password are captured and stored. The web site will then likely report that the bank site is off-line for maintenance. The user decides to return and try again later. Meanwhile the attacker uses the customer's credentials to log into the account on the real site and transfer all the money out of the account.
Did you find this tutorial helpful? Don’t forget to share your views with us.
Create an account or log in to leave a reply
You need to be a member in order to leave a reply.
Page 1 of 1
Permissions in this forum:You can reply to topics in this forum