From the course: Threat Modeling: Spoofing In Depth
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Spoofing the OSI model
From the course: Threat Modeling: Spoofing In Depth
Spoofing the OSI model
- Attackers can spoof at any layer of the OSI model, the seven-layer system used for networking. Looking beyond IP addresses, attackers can also spoof a MAC address or DNS packets. Why spoof at another layer? A hacker could spoof a MAC address to use expensive airplay and WiFi on someone else's bill. Here's how to commit that crime. Of course, don't do this without proper authorization. First, monitor the WiFi using tcpdump-e. This will show you sets of Ethernet addresses and some are allowed to route packets to the ground. I pick one of those addresses and set my MAC address to theirs. Now I'm spoofing and I'm spoofing well. But there's a problem. The real 10.2.3.5 is getting responses to my packets and has no idea what to do with them. So the target sends a TCP reset. How rude, I'm just trying to piggyback free Internet access from 38,000 feet, and here some paying customer has the temerity to send resets? Obviously, I needed the victim to stop. I can wait for them to use the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.