Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [spoofing]

Spoofing is an activity when a person or program try to impersonates itself as another.

Spoofing can be used to gaining an illegitimate advantage by masquerading itself as legitimate party. Some common spoofing are:

  1. IP Spoofing: Special crafted TCP/IP packet with forged source IP address. It can be used to perform DOS attack by sending it to "open" NTP/DNS server.
  2. ARP Spoofing: Special crafted ARP reply messages with forged MAC Address. It can be used to perform MITM attack.
  3. Email Spoofing: Special crafted email with forged sender address and/or forged email header. It can be used to perform phising or spamming.

Another spoofing activities are: HTTP header spoofing, Caller ID spoofing, GPS spoofing and others.

123 questions
0
votes
1 answer

Cisco 871 IOS BVI: Distinguishing incoming and outgoing

I understand that a BVI is very much equivalent to a network switch. But it includes the benefit of being able to have an access control list. I am doing this, but I would like to more effectively distinguish incoming vs outgoing. Right now, all I…
700 Software
  • 2,163
  • 9
  • 47
  • 77
0
votes
1 answer

Blocking External Mail Sent w/ Spoofed Email Address

We recently got an email from an outside server that had a spoofed "From:" header that was the email address of one of our users. Is there a way to have sendmail reject emails coming in from an outside network that claim to be a specfic user, but…
Andrew Case
  • 3,409
  • 3
  • 21
  • 38
0
votes
2 answers

Hyper-V MAC Spoofing security hole

I have a windows 2008 R2 SP1 standard dedicated server and i installed Hyper-V role on it. I'm serving Hyper-V VPSs on this server and i can't trust virtual nodes. now the broblem is each node can install a sniffer tool like Cain & Abel and sniff…
abbasb
  • 1
0
votes
1 answer

Banner Grabbing Spoofing

I run a windows server 2008 standard R2. Is there a way to spoof the server banner ? So instead of Microsoft-IIS/7.5 it could be anything.
SysAdminBeginner
  • 25
  • 2
0
votes
2 answers

My exchange 2003 mail server is blocked by RBL lists. Someone is sending spam from inform@mydomain.com

All outgoing email to external recipients from my Exchange 2003 server is getting blocked by RBL lists. I'm new to administrating Exchange and i checked the Message Tracking Center under System Manager on the Exchange server and it's showing that an…
A M
0
votes
3 answers

How to scan for which ports would be open to another location

I'm just assessing the security of my home server in preparation for opening it up to the internet. I've used nmap from a machine on my local network but I have firewall rules allowing access from the local network so this reveals more than I think…
Ben Hymers
  • 703
  • 2
  • 8
  • 12
0
votes
1 answer

ISA Server dropping packets as it believes they are spoofed

We have ISA Server 2004 running on Windows Server 2003 SP2. It has 2 NICs - one internal called LAN on 192.168.16.2, with a subnet of 255.255.255.0, and one external called WAN on 93.x.x.2. The default gateway is 93.x.x.1 (our modem). This machine…
RB.
  • 382
  • 2
  • 8
  • 19
0
votes
4 answers

I need to somehow change my ip address

i`m in a lan using iptables/masquerade. what i want to do, is to login in a web application.i write my user and passwd and click login and everything is fine, but if i try to modify something in that aplication it tells me that i have a wrong ip…
tric
0
votes
1 answer

Redirecting requests from domain to local server

I'm developing a web application for a pre-production hardware device which has the domain from which it loads the app hard-coded. Is there a (simple) way for me to reroute these requests to a local development server? I've been trying to get…
John Schulze
  • 73
  • 1
  • 6
0
votes
0 answers

Is IP Spoofing still a thing in 2022?

I'm trying to understand if IP Spoofing is really possible in 2022. I generally found old documents which explains how you cannot trust the source IP for UDP connections and for the first SYN packet of a TCP conection. I also remember attempts to…
RDX
  • 11
  • 1
0
votes
0 answers

smpp requires a persistent connection. will ip spoofing work?

usually connecting to external SMPP gateway requires IP whitelisting. recently, there were some SMS sent without SMPP record (that was without our submission). I worried if our IP was spoofed. since SMPP requires to establish a persistent…
peter chan
  • 51
  • 1
  • 2
0
votes
0 answers

Prevent FING / network scan on router level

I connect 20+ phones on the same wifi. I use each with a different VPN connection (android) I see a network scan can leak when pining the whole subnet. Is there a router settings to avoid discovery on LAN ? Can I connect a second router with…
Sion C
  • 101
0
votes
0 answers

How to hide restricted nginx subdomains?

To hide a restricted location, e.g. location /secret/ { allow 10.0.0.0/24; deny all; } one could set error_page 403 =404 /404.html; error_page 404 /404.html; to make impossible to distinguish a non-existing location (404) from a restricted one…
Polizi8
  • 15
  • 6
0
votes
1 answer

How to hide restricted nginx subdomains?

To hide a restricted location, e.g. location /secret/ { allow 10.0.0.0/24; deny all; } one could set error_page 403 =404 /404.html; error_page 404 /404.html; to make impossible to distinguish a non-existing location (404) from a restricted one…
Polizi8
  • 15
  • 6
0
votes
1 answer

Server IP spoofed and attacking

I have a server that has been reported as an attacker since January, finally today I found some information about these attacks, however none of the logs on my server shows anything similar. As a consequence the IP is being banned in many blacklists…
spacebiker
  • 358
  • 4
  • 14
1 2 3
8 9