Check Point NG: Next Generation Security Administration
Learn to implement a strong security solution using Check Point VPN-1/FireWall-1.
TABLE OF CONTENTS Check Point NG: Next Generation Security Administration
What It Means to Spoof
Merike Keao, in Designing Network Security, defines spoofing attacks as "providing false information about a principal's identity to obtain unauthorized access to systems and their services." She goes on to provide the example of a replay attack, which occurs when authentication protocols are weak enough to allow a simple playback of sniffed packets to provide an untrusted user with trusted access. Merike's definition is accurate, but certain clarifications should be made to accurately separate spoofing attacks from other, network-based methods of attack.
Spoofing Is Identity Forgery
The concept of assuming the identity of another is central to the nature of the spoof. The canonical example of spoofing is the Internet Protocol (IP) spoofing attack. Essentially, Transmission Control Protocol/IP (TCP/IP) and the Internet trusts users to specify their own source address when communicating with other hosts. But, much like the return addresses we place on letters we mail out using the U.S. Postal Service, it's up to the sender of any given message to determine the source address to preface it with. Should the sender use a falsified source address, no reply will be received. As we will see in this chapter, this is often not a problem.
Spoofing Is an Active Attack against Identity Checking Procedures
Spoofing at its core involves sending a message that is not what it claims to be. Take the example of an IP spoofed packet that takes down a network. Now, this message may appear to have...
Copyright Syngress Publishing, Inc. 2002 under license agreement with Books24x7
