What is Spoofing?
Just as the name suggests, a spoofing attack occurs when someone with malicious intent fools or impersonates a particular device or user on a computer network to steal data, use malware or find a way around certain controls.
To fully understand them, you’ll likely need to know about servers and networking.
IP address attacks
Simply put, IP spoofing is a form of forgery or hijacking that can be used to get around authentication requirements.
In this case, cybercriminals can use disguised or “spoof” attacks to impersonate a system with certain access permissions to bypass security measures.
It can result in your browser being hijacked by an attacker, or allow a cybercriminal to gain access to your network.
Eventually, attackers could gain access to sensitive information like a credit card number.
He or she could also take over your computer.
IP address spoofing can be prevented with firewalls that block IP packets with source addresses that are different than the IP address of your computer or network.
Domain Name System attacks
With this type of spoof attack, a hacker can alter a DNS server and send a particular domain to a different IP address, which could actually be controlled by the cyber-attacker.
In that instance, the malicious server could contain malware.
These forms of spoofing are typically used to help the spread of viruses or computer worms.
To avoid DNS spoofs, consider whether you should host your own servers or allow a service provider or domain registrar to host them for you.
If you run your own servers, keep them updated and constantly monitor them.
If you use a third party, ask about their security processes.
If you aren’t sure where to begin, check out the special publication from the National Institute of Standards and Technology at http://csrc.nist.gov/publications/nistpubs/800-81r1/sp-800-81r1.pdf.
Address Resolution Protocol
In an ARP spoof attack, an attacker sends fake ARP messages through the Local Area Network to link the attacker with the IP address of a legitimate member on the network.
In other words, when your computer attempts to find your network, it sends out a request for a response.
But unfortunately, your computer doesn’t know if the response it receives is from a legitimate network.
If a hacker has obtained access to your network, he has the ability to respond to your computer.
Essentially, your computer begins to communicate with the malicious hacker’s computer rather than your own.
If this happens, secure data could be unintentionally sent to the attacker.
This method is often used by those who want to modify data or steal information, but they are also used to conduct other types of attacks.
To avoid ARP spoofs, ensure your wireless router has a strong password.
You can also research software that you can install to help protect against ARP attacks.
If others have access to your router, or if you use a public router, don’t perform tasks that include online banking or making purchases.
You never know whose public network you’re actually connecting to in these instances; it could just be a cybercriminal’s network.
To avoid spoofing of various sorts, lean on secure communications such as Transport Layer Security, Secure Shell (SSH), and HTTP Secure (HTTPS).
These methods help to encrypt and authenticate data.