Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [spoofing]

Spoofing is an activity when a person or program try to impersonates itself as another.

Spoofing can be used to gaining an illegitimate advantage by masquerading itself as legitimate party. Some common spoofing are:

  1. IP Spoofing: Special crafted TCP/IP packet with forged source IP address. It can be used to perform DOS attack by sending it to "open" NTP/DNS server.
  2. ARP Spoofing: Special crafted ARP reply messages with forged MAC Address. It can be used to perform MITM attack.
  3. Email Spoofing: Special crafted email with forged sender address and/or forged email header. It can be used to perform phising or spamming.

Another spoofing activities are: HTTP header spoofing, Caller ID spoofing, GPS spoofing and others.

125 questions
0
votes
1 answer

iptables: is it possible to spoof NEW packets and make them look like ESTABLISHED packets?

See title for the question. This question relates to a previous question wherein I asked the difference between NEW,ESTABLISHED and RELATED , see it here iptables: difference between NEW, ESTABLISHED and RELATED packets One of the rules has NEW in…
Kris
  • 1,367
  • 3
  • 15
  • 17
0
votes
1 answer

Cisco 871 IOS BVI: Distinguishing incoming and outgoing

I understand that a BVI is very much equivalent to a network switch. But it includes the benefit of being able to have an access control list. I am doing this, but I would like to more effectively distinguish incoming vs outgoing. Right now, all I…
700 Software
  • 2,233
  • 10
  • 49
  • 77
0
votes
1 answer

Blocking External Mail Sent w/ Spoofed Email Address

We recently got an email from an outside server that had a spoofed "From:" header that was the email address of one of our users. Is there a way to have sendmail reject emails coming in from an outside network that claim to be a specfic user, but…
Andrew Case
  • 3,489
  • 3
  • 23
  • 39
0
votes
2 answers

Hyper-V MAC Spoofing security hole

I have a windows 2008 R2 SP1 standard dedicated server and i installed Hyper-V role on it. I'm serving Hyper-V VPSs on this server and i can't trust virtual nodes. now the broblem is each node can install a sniffer tool like Cain & Abel and sniff…
abbasb
  • 1
0
votes
1 answer

Banner Grabbing Spoofing

I run a windows server 2008 standard R2. Is there a way to spoof the server banner ? So instead of Microsoft-IIS/7.5 it could be anything.
SysAdminBeginner
  • 25
  • 2
0
votes
2 answers

My exchange 2003 mail server is blocked by RBL lists. Someone is sending spam from inform@mydomain.com

All outgoing email to external recipients from my Exchange 2003 server is getting blocked by RBL lists. I'm new to administrating Exchange and i checked the Message Tracking Center under System Manager on the Exchange server and it's showing that an…
A M
0
votes
3 answers

How to scan for which ports would be open to another location

I'm just assessing the security of my home server in preparation for opening it up to the internet. I've used nmap from a machine on my local network but I have firewall rules allowing access from the local network so this reveals more than I think…
Ben Hymers
  • 703
  • 2
  • 8
  • 12
0
votes
1 answer

ISA Server dropping packets as it believes they are spoofed

We have ISA Server 2004 running on Windows Server 2003 SP2. It has 2 NICs - one internal called LAN on 192.168.16.2, with a subnet of 255.255.255.0, and one external called WAN on 93.x.x.2. The default gateway is 93.x.x.1 (our modem). This machine…
RB.
  • 392
  • 2
  • 8
  • 20
0
votes
4 answers

I need to somehow change my ip address

i`m in a lan using iptables/masquerade. what i want to do, is to login in a web application.i write my user and passwd and click login and everything is fine, but if i try to modify something in that aplication it tells me that i have a wrong ip…
tric
0
votes
1 answer

Redirecting requests from domain to local server

I'm developing a web application for a pre-production hardware device which has the domain from which it loads the app hard-coded. Is there a (simple) way for me to reroute these requests to a local development server? I've been trying to get…
John Schulze
  • 73
  • 1
  • 6
0
votes
1 answer

Is there a way to check the DNS registration date when scanning emails on Office 365?

We've just caught an email spoofing attack on our business, and it's not the first like this. Bad actor registers a DNS name very similar to a company we work with and then sends messages purporting to be from that company (but the domain name is…
Quango
  • 229
  • 1
  • 4
  • 17
0
votes
1 answer

Internal Address Spoofing using Outlook SMTP Server

Is there a way to harden Exchange Online to prevent spoofing of internal addresses using SMTP? For example, if I connect to Outlook's SMTP server and issue the following commands: HELO domain.com MAIL FROM: ceo@domain.com RCPT TO:…
j4k3
0
votes
0 answers

Router forces to use netcard's hardware mac

I'm trying to connect to a network that manages device connections by it's mac. So, I want to connect a device, which has no interface to connect it properly by itself I decided to use a different device using the adapter with mac of the device I…
Undermouse
  • 1
0
votes
1 answer

How to hide restricted nginx subdomains?

To hide a restricted location, e.g. location /secret/ { allow 10.0.0.0/24; deny all; } one could set error_page 403 =404 /404.html; error_page 404 /404.html; to make impossible to distinguish a non-existing location (404) from a restricted one…
Polizi8
  • 25
  • 1
  • 6
0
votes
1 answer

Server IP spoofed and attacking

I have a server that has been reported as an attacker since January, finally today I found some information about these attacks, however none of the logs on my server shows anything similar. As a consequence the IP is being banned in many blacklists…
spacebiker
  • 358
  • 4
  • 14
1 2 3
8 9