Spoofing network traffic

There are several definitions for spoofing on the Internet:

  • Email spoofing: This is the most common definition related to masquerading as a different person by using a fake email address. This works well when attempting a phishing attack, where the victim is sent an email that purports to be from their bank or a retail store.
  • Domain spoofing: It is possible to spoof a domain, and this is where you poison the route table on their network or individual workstation. How that works is that the domain the user types into the address bar is misaligned to point at a false IP address. When the victim goes to http://bankarmenia.com/, they end up at a phishing site that looks exactly like the Bank of Armenia site, but it is not. This ...

Get Penetration Testing: A Survival Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.