Spoofing Attacks

Spoofing is one of those tricks by which an attacker can gain access to an organization's whole computer system or server and steal all the essential data, which can result in demolishing the reputation


Last updated 4 years ago


Overview

Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server.

Spoofing can be used to gain access to a target’s personal information, spread malware through infected links or attachments, bypass network access controls, or redistribute traffic to conduct a denial-of-service attack. Spoofing is often the way a bad actor gains access in order to execute a larger cyber attack such as an advanced persistent threat or a man-in-the-middle attack.

Successful attacks on organizations can lead to infected computer systems and networks, data breaches, and/or loss of revenue—all liable to affect the organization’s public reputation. In addition, spoofing that leads to the rerouting of internet traffic can overwhelm networks or lead customers/clients to malicious sites aimed at stealing information or distributing malware.

Types of Spoofing Attacks

ARP Spoofing

Address Resolution Protocol (ARP) poisoning is an attack that involves sending spoofed ARP messages over a local area network. It’s also known as ARP spoofing, ARP poison routing and ARP cache poisoning.

These attacks attempt to divert traffic from its originally intended host to an attacker instead. ARP poisoning does this by associating the attacker’s Media Access Control (MAC) address with the IP address of the target. It only works against networks that use ARP.

ARP poisoning is a type of Man-in-the-Middle attack that can be used to stop network traffic, change it, or intercept it. The technique is often used to initiate further offensives, such as session hijacking or denial-of-service.
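On the wire, the poisoning described above appears as an IP address whose MAC binding changes, or as one MAC address answering for several IPs. The following Python is an added example, not part of the original page: it parses raw ARP payloads and flags both conditions. The function names, the addresses and the `SAMPLE` packets are all constructed for illustration.

```python
import struct
from collections import defaultdict

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa

def parse_arp(payload):
    """Return (sender_ip, sender_mac) from an Ethernet/IPv4 ARP payload, else None."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, _op, sha, spa, _tha, _tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return ".".join(map(str, spa)), ":".join(f"{b:02x}" for b in sha)

def detect_poisoning(payloads):
    """Alert when an IP's MAC changes or when one MAC claims several IPs."""
    baseline, claimed, alerts = {}, defaultdict(set), []
    for index, payload in enumerate(payloads):
        parsed = parse_arp(payload)
        if parsed is None:
            continue  # truncated or non-Ethernet/IPv4 ARP: skip it
        ip, mac = parsed
        first_mac = baseline.setdefault(ip, mac)  # first-seen binding is the baseline
        if first_mac != mac:
            alerts.append((index, "ip-rebound", ip, first_mac, mac))
        if ip not in claimed[mac]:
            claimed[mac].add(ip)
            if len(claimed[mac]) > 1:
                alerts.append((index, "mac-multi-ip", mac, sorted(claimed[mac])))
    return alerts

def _arp(op, mac, ip, target_ip):
    """Build a constructed ARP payload for the sample below (it is never sent)."""
    raw_mac = bytes.fromhex(mac.replace(":", ""))
    pack_ip = lambda addr: bytes(int(part) for part in addr.split("."))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, raw_mac, pack_ip(ip), b"\0" * 6, pack_ip(target_ip))

# Constructed capture: documentation-range IPs, locally administered MACs.
SAMPLE = [
    _arp(2, "02:00:00:00:00:01", "192.0.2.1", "192.0.2.10"),   # gateway's own reply
    _arp(2, "02:00:00:00:00:10", "192.0.2.10", "192.0.2.1"),   # workstation's own reply
    _arp(2, "02:00:00:00:00:66", "192.0.2.66", "192.0.2.1"),   # third host, its real IP
    _arp(2, "02:00:00:00:00:66", "192.0.2.1", "192.0.2.10"),   # same MAC now claims the gateway IP
    b"\x00\x01\x08\x00",                                       # truncated payload, ignored
]

if __name__ == "__main__":
    for alert in detect_poisoning(SAMPLE):
        print(alert)
```

A changed binding is a lead rather than proof: DHCP lease reuse or hardware replacement also change an IP's MAC, so confirm against the known address of the gateway or server involved.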

Reference Links:

advanced persistent threat
man-in-the-middle attack
ARP spoofing
ARP poisoning/spoofing: How to detect & prevent it (Comparitech)
How To Prevent Spoofing Attacks and Understand the Main Types (Comparitech)