Search:

Americolahigh resolutionBiographieshigh resolutionPhotoshigh resolutionVideos high resolutionAuctions high resolutionShopping

 

Contact Any Celebrity, including "E-mail_spoofing"
Sign up for a risk-free trial to contact "E-mail_spoofing" for just $1.

Buy "E-mail_spoofing" items on auction from ebay.
Search from millions of items on auction for "E-mail_spoofing" collectibles.
E-mail spoofing biography, high resolution photos and videos by Americola

E-mail spoofing

[edit] Americola's celebrity biographies are provided by AmericolaWiki, a celebrity wiki. You can help contribute to Americola and edit this article.

E-mail spoofing is a term used to describe fraudulent email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. It is often associated with website spoofing which mimic an actual, well-known website but are run by another party either with fraudulent intentions or as a means of criticism of the organisation's activities.

Contents

  • 1 Methods
  • 2 Different types of spoofing
    • 2.1 Man-in-the-middle
    • 2.2 Non-blind spoofing
    • 2.3 Blind spoofing
  • 3 Protection against spoofing
    • 3.1 Router filtering
    • 3.2 Encryption and authentication
  • 4 See also
  • 5 External links

Methods

As many spammers now use special software to create random sender addresses, even if the user finds the origin of the e-mail it is unlikely that the e-mail address will be active.

The technique is now used ubiquitously by mass-mailing worms as a means of concealing the origin of the propagation. On infection, worms such as ILOVEYOU, Klez and Sober will often try to perform searches for e-mail addresses within the address book of a mail client, and use those addresses in the From field of e-mails that they send, so that these e-mails appear to have been sent by the third party. For example:

User1 is sent an infected e-mail and then the e-mail is opened, triggering propagation
The worm finds the addresses of User2 and User3 within the address book of User1
From the computer of User1, the worm sends an infected e-mail to User2, but the e-mail appears to have been sent from User3

This can be particularly problematic in a corporate setting, where e-mail is sent to organisations with content filtering gateways in place. These gateways are often configured with default rules that send reply notices for messages that get blocked, so the example is often followed by:

User2 doesn't receive the message, but instead gets a message telling him that a virus sent to them has been blocked. User3 receives a message telling him that a virus sent by them has been blocked. This creates confusion for both User2 and User3, while User1 remains unaware of the actual infection.

Newer variants of these worms have built on this technique by randomising all or part of the e-mail address. A worm can employ various methods to achieve this, including:

  • Random letter generation
  • Built-in wordlists
  • Amalgamating addresses found in address books, for example:
    • User1 triggers an e-mail address spoofing worm, and the worm finds the addresses user2@efgh.com, user3@ijkl.com and user4@mnop.com within the users Outlook address book
    • The worm sends an infected message to user2@efgh.com, but the e-mail appears to have been sent from user3@mnop.com

Different types of spoofing

Man-in-the-middle

In this form of network attack, a hacker will intercept two parties communications, and then alter the communication in any way that he/she sees fit. By using this form of spoof, a hacker can convince the receiver of a message to disclose confidential information, since the message will appear to have come from the supposedly trusted third party (the original sender of the message).

Non-blind spoofing

This occurs when a hacker is using the same subnet. The sequence and acknowledgment numbers are changed which makes it hard to calculate correctly. The largest problem with this type of spoofing is session hijacking, allowing a hacker to bypass any security set it place within the connection.

Blind spoofing

Blind spoofing is a much more difficult attack because the sequence and acknowledgment numbers are not reachable, making them extremely hard to track down and change. This is overcome by sending packets to the system being attacked to provide a sequence of numbers to discover the formula by studying these packets. Once the formula has been discovered, the sequence and acknowledgment numbers can be changed allowing the hacker full access.

Protection against spoofing

There are a couple preventative measures that can be used to protect spoofing from occurring.

Router filtering

Putting a filter on your router is the first preventive step. By using an Access Control List, you can block private IP addresses.

Encryption and authentication

By using encryption and authentication, you can reduce spoofing attacks. Ensuring the right authentication procedures are in place with a secure network will make it much more difficult for an attack to take place.

See also


Wikipedia information about E-mail spoofing
This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "E-mail spoofing".
It may not have been reviewed by professional editors (see full disclaimer). Help contribute to Americola and edit this article.
Sites
Searched sites for "E-mail spoofing"

No sites found.

  
Sorry, no matching site records were found.
Want your site listed here?

Submit your sitehigh resolution|e-mail_spoofingAffiliatese-mail_spoofing|e-mail_spoofingLogone-mail_spoofing|high resolutionPartnerse-mail_spoofing|e-mail_spoofingLinke-mail_spoofing|e-mail_spoofingToolsphotos|photosShop: - USphotos|photos- CANphotos|photos - UKphotos|photos - DEphotos|photos - FR
videosvideosvideosvideosvideosvideosvideosvideosvideosvideoscelebritiesbiographybiographybiographybiographybiographybiographybiographybiographybiographycelebritiescelebritiescelebritiescelebritiescelebritiescelebritiescelebritiescelebrities

Relevant quality search results and fast easy navigation throughout the different sections of the site, make Americola.com
a great entertainment search engine offering celebrity biographies, high resolution celebrity photos, videos and more.

Terms of usebiography|e-mail_spoofingPrivacy Policycelebrities|e-mail_spoofingContact Us
Copyright © 1998- Americola ® All Rights Reserved.