Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [spoofing]

Spoofing is an activity when a person or program try to impersonates itself as another.

Spoofing can be used to gaining an illegitimate advantage by masquerading itself as legitimate party. Some common spoofing are:

  1. IP Spoofing: Special crafted TCP/IP packet with forged source IP address. It can be used to perform DOS attack by sending it to "open" NTP/DNS server.
  2. ARP Spoofing: Special crafted ARP reply messages with forged MAC Address. It can be used to perform MITM attack.
  3. Email Spoofing: Special crafted email with forged sender address and/or forged email header. It can be used to perform phising or spamming.

Another spoofing activities are: HTTP header spoofing, Caller ID spoofing, GPS spoofing and others.

123 questions
0
votes
0 answers

Allowing Messages from IP Address DMARC

I'm still learning infrastructure stuff and need to ask a question which relates to DMARC. A user in the organisation has an app which is sending marketing messages to staff within the business. The messages leave the network and come back in, but…
RLBChrisBriant
  • 493
  • 1
  • 6
  • 20
0
votes
1 answer

iptables and SNAT spoofing

So we are working with iptables at class and I've been testing some rules in the NAT table. As far as I know SNAT changes the IP source of a packet to which the rule dictates but what I tested does not seem to work every time. I added this rule:…
Deketh
  • 1
  • 1
0
votes
3 answers

Preventing a Large Number of Failed Login Attempts from FAKE SPOOFED IPs?

My system log file (/var/log/auth.log) is showing hundreds and hundreds of different IP's trying to log into my system. How can I prevent all these attacks? It looks like all the IP addresses are fake ("pin" or "traceroute") always shows hundreds…
Asher
  • 101
  • 3
0
votes
0 answers

It's 2020, is it still implausible to set up a "secure" open resolver?

In reference to this question, last updated five years ago. I'm interested in setting up a public DNS server as a personal project, but I'm aware that open resolvers make it extremely easy to amplify requests and DDoS other resolvers. I sought…
lynn
  • 101
-1
votes
1 answer

Make program think that it's connecting to one IP, but spoof it with another

There's program that can connect to servers, but it's limited to 6 predefined IPs (although it has ability to connect to other IPs, don't ask why and how). I can't modify it. I need to connect to another public IP using that program. How can I make…
holmes0
  • 1
  • 1
-1
votes
1 answer

DNS Spoofing in Bind9 DNS Server

I configured Ubuntu Server 18.04 as a master DNS server. zone ==> google.com ; ; BIND data file for local loopback interface ; $TTL 12h @ IN SOA ns1.google.com. root.google.com. ( 2 ; Serial 604800 ;…
mohamadreza ch
  • 1
  • 1
-1
votes
2 answers

Concerns about SPF for external provider

I´m searching for some arguments to avoid the creation of an SPF record for an external survey provider. Example: Division inside a company (abcd) wants to send survey mails to external recipients with survey@abcd.com via an external survey…
MRae
  • 109
  • 3
-1
votes
1 answer

How to prevent an openly recursive DNS server from being abused for DNS amplification

I have a business need to provide an open and recursive DNS. This DNS has of course been heavily abused by DNS amplification attacks, resulting in 5-10 Mbps sustained outbound load only caused by spoofed ANY requests. I thus had to find a solution…
John
  • 73
  • 1
  • 5
-1
votes
2 answers

Can a DNS server (specified by its IP address) be spoofed?

When a DNS server is specified (in my case in OS X, in the Network Preferences), can it be spoofed (for instance by an organization with the power of a government)? I am asking the question because DNS poisoning is an important issue about which…
Eric O Lebigot
  • 146
  • 8
-1
votes
1 answer

What use are systems that ban IP addresses if all the evildoers spoof them anyways

Many anti-spam or web applications with a security component give the ability to ban IP addresses. In my experience any bot, person or other entity that is truly nefarious is using an endless supply of spoofed IP addresses anyways. What is the…
squarecandy
  • 101
  • 1
  • 1
  • 5
-1
votes
2 answers

Prevent spoofing - SPF, DKIM, DMARC in place

I am just a developer handling this issue for our small organization, so apologies in advance if I have missed anything obvious. We use Rackspace Cloud as our email provider. Our emails started going to spam folders for our customers in recent…
Apeksha
  • 99
  • 3
-2
votes
1 answer

How to check my network for IP spoofing availability?

I want to test if my network or even my ISP blocks spoofed IP packets. I am running a Debian Linux OS. I found this nice tool, but it's not working on my system .. https://www.caida.org/projects/spoofer/ Does somebody know another way how to check…
vP3nguin
  • 113
  • 1
  • 6
-2
votes
1 answer

Is it possible to make me send an email by opening a malicious email?

I know I don't have much info on this problem/question so I will delete if everyone downvotes or votes to close/delete. Is it possible for someone to make an email look like I sent it simply by me opening an email from them? I'm not a IT expert so…
Classified
  • 163
  • 2
  • 6
-2
votes
1 answer

Can I use ASA5505 to spoof the reply to a heartbeat request?

I have a CISCO ASA 5505 in a home office. It has two subnet, public and private. There is a wifi belkin router on the private net, which provides wifi for some users. That belkin router sends out heartbeat notice to a pre-programmed ip address, but…
ndasusers
  • 427
  • 1
  • 5
  • 14
-2
votes
1 answer

Security against IP spoofing without consulting network administrator

I was wondering that if there is a Local Area Network and one public IP,through which various clients connect(which have been allocated private IP's).Suppose one of the clients spoofs his IP to try to launch an attack against a server(say…
user1369975
  • 99
  • 5
1 2 3
8
9