Learn how spoofing an address is done to conceal the identity of the hacker. Lisa Bock reveals reasons why spoofing and IP address or MAC address is done, including launching a DoS or MiTH attack. A review of an SSL Strip is covered and best practices to reduce the risk of spoofing from bogus IP address.
- [Voiceover] Spoofing an address is done…to conceal the identity of a hacker.…The concept is simple,…the headers of the packets are modified…to make it appear as if the transmissions…are originating from another machine.…IP address spoofing is crafting an IP header…with a forged source IP address.…Generally, this is done when there is no expectation…of receiving a reply.…As when the source IP address is spoofed,…the message cannot be returned to the sender.…
If an IP address is spoofed, they will not get a response.…So spoofing might be used to launch…a denial of service attack…with the hopes of taking a site down.…ARP spoofing is sending counterfeit ARP messages…or address resolution protocol messages…over a local area network that results…in the linking of an attacker's MAC address…with the IP address of a legitimate computer…or server on the network.…This one will get delivered.…
Now there are a number of attacks…that can benefit from spoofing.…One is a common attack called a man-in-the-middle attack.…In this picture we see a client communicating with a server.…
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50). This course maps to the 03 Scanning Networks domain.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling
Skill Level Intermediate
1. Scanning Overview and Methodology
2. Identifying Live Systems Using Protocols
3. Blueprint the Network
4. Vulnerability Scanning
Commercial and free scanners3m 17s
5. Scanning Tools
6. Evading Detection
7. Concealing and Spoofing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.