Spoofing refers to deceiving computer systems or users by faking one’s identity on the Internet. Today various methods are used to spoof. However still the most common method of spoofing is through e-mail. E-mail spoofing involves sending messages from a bogus or fake e-mail address. Most e-mail servers have security features that prevent unauthorized users from sending messages, but, spammers often send spam messages from their own SMTP (Simple Mail Transfer Protocol is a TCP/IP protocol used for sending and receiving e-mail), which allows them to use fake e-mail addresses.
Another way of spoofing is through IP spoofing which is done by faking a computer’s IP address. In this type of spoofing it is difficult for other systems to determine where the computer is transmitting data from. Although software security systems have been developed that can identify these types of attacks and block their transmissions.
Now moving to Snooping, it is unauthorized access to another person’s or company’s data. It includes casual observance of an e-mail that appears on another’s computer screen or watching what someone else is typing. More sophisticated snooping uses software programs to remotely monitor activity on a computer/network device.
Snooping data from the network leads to loss of privacy of several kinds of information that should be private for a computer network. They may be one or all the following:
- Financial details
- Private data
- Low-level internet protocol information
However, corporations also sometimes snoop on employees legitimately to monitor their use of business computers and track Internet usage. Governments snoop on individuals to collect information to avert crime and terrorism. Snooping suggests that somebody is listening to or reading communications or browsing through files or system information.
Although snooping is always taken in a negative sense, snooping can refer to any program or utility that performs a monitoring function in computer technology. For example, a snoop server is used to capture network traffic for analysis, and the snooping protocol monitors information on a computer bus to ensure efficient processing.
Both are security threats that target via the Internet. Most of the users are completely unaware of this happening. If the network packets are not encrypted, the data within the network packet can be read using a snooper.
An attacker sends a packet to the target host with a forged IP address. The targeted host sends an acknowledgment and waits for a response. The response never comes, and these unanswered queries remain in the buffer of the targeted device. If a large number of spoofed queries are sent, the buffer will overflow and the network device will become unstable and crash.
Anyone can fake the number or area code from where they are calling. This type of spoofing is done by telemarketers to hide their identity and by hackers to gain access to unprotected phone voicemail messages.
While the Internet is a great place to communicate with others, it can also be an easy place to fake an identity. Therefore, always make sure you know who you are communicating with, before giving out private information. It is impossible to build effective security into the higher levels without a detailed discussion of these threats.