WEB SPOOFING

WEB SPOOFING

Abstract:

Web spoofing is an Internet security attack that could endanger the privacy of World Wide Web users and the integrity of their data.  The attack can be carried out on today’s systems, endangering users of the most common Web browsers, including Netscape Navigator and Microsoft Internet Explorer.

Web spoofing allows an attacker to create a “shadow copy” of the entire World Wide Web.  Accesses to the shadow Web are funneled through the attacker’s machine, allowing the attacker to monitor all of the victim’s activities including any passwords or account numbers the victim enters.  The attacker can also cause false or misleading data to be sent to Web servers in the victim’s name, or to the victim in the name of any Web server. Many developers have used the host based access controls to secure their networks. Source IP address is a unique identifier but not a reliable one. It can easily be spoofed.