LKBEN11104: What is spoofing?


You need information about spoofing.


You want ot know what spoofing is.


In simple words a spoofing attack is when a person or program masquerades as another person or program and thus gaining access to user informations (e.g. bank data, passwords).

There are some different sorts of spoofing attacks:

-Man in the middle and ip spoofing
A man in the middle attack occurs when somebody monitors the packets send between users. When the attacker has enough data he can guess the sequence number of the packets and injects his own packets in the data stream, claiming to be one of the original users and thus gaining access to all the messages send between the users.

-URL spoofing
In this attack an original website is reproduced on a server under the control of an attacker. This is to fool users into believing they are on the correct website (e.g. from a bank) and the attacker can read-out the username and password.

-Referer spoofing
Is to gain unauthorized access to websites by changing the referer header of a http request.

-E-mail address spoofing
This is a commomly user technique used by spammers. The sender information in e-mails is spoofed to conceal the origin of the mail. As long as the e-mail fits the protocol, the SMTP protocol will send the message.


The information provided in this document is intended for your information only. Lubby makes no claims to the validity of this information. Use of this information is at own risk!

About the Author

Author: Wim Peeters - Keskon GmbH & Co. KG

Wim Peeters is electronics engineer with an additional master in IT and over 30 years of experience, including time spent in support, development, consulting, training and database administration. Wim has worked with SQL Server since version 6.5. He has developed in C/C++, Java and C# on Windows and Linux. He writes knowledge base articles to solve IT problems and publishes them on the Lubby Knowledge Platform.

Latest update: 05/10/2020 | Comment: