My firewall showed snoofing tried to access my computer ....... anyone know what is snoofing ? a program or user ? 
thanks
thanksWhat is snoofing ?
- Thread starter UThinkImCrazy
- Start date
Re: What is snoofing ?
I believe Dr. Stranglove is called "snoofing" on the weekend.
nole
UThinkImCrazy said:My firewall showed snoofing tried to access my computer ....... anyone know what is snoofing ? a program or user ?
I believe Dr. Stranglove is called "snoofing" on the weekend.
nole
I assume you may mean "spoofing" Spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
Spoofing and Snoofing, 2 VERY different things!!!
Spoofing - as in people trying to alter the IP header tag to make it as though their traffic is sourced not from their IP but some other, even a fictitious IP address, this issue is typically addressed by using reverse dns resolutions. This is also the reason why you will get crazy names associated with your IP address, but nevertheless, associated with a valid domain like mindspring.
Here is an example:
adsl-12-42-115-68.[abbreviatedcityname][STATE].mindspring.com
(it is a fictitious address, and name,)
and this would be the name for the temporary IP address assigned by the DHCP server to that client (the translation is not this obvious sometimes, 68.115.42.12)
The point is the reverse lookup will identify a spoofed address in the header, and the network engineers typically will mmediately go after teh source, you would be surprised at the speed with which they move.
If your firewall successfully blocked them, then you are doing good. You can do a reverse look up on the source of this traffic, and go to ARIN, get their domain name, and complain to their network administrator whose E-Mail will be listed there, they do take these complaints seriously.
Here is the address for the ARIN whois search page:
http://www.arin.net/whois/
Snoofing - a percentage of people commonly provide false information on web-site administration forms out of the fear of loss of privacy. Teh privacy of providing false or anonymous identities out on the Internet is snoofing. While snoofing can be used for good purposes for those who misrepresent their identity for legal reasons, often the spoofing of identities is done illegally every day. Many companies are involved in this Internet misrepresentation. One such company, while they weren't dealing with PEBES information, one such company, Cyber Promotions, has recently been to civil federal court on six separate cases and lost, being charged with activities associated with misrepresentation, false identities and stealing computer resources. They were harvesting web-based information they felt to be profitable.
It is not a protocol related thing.
Spoofing - as in people trying to alter the IP header tag to make it as though their traffic is sourced not from their IP but some other, even a fictitious IP address, this issue is typically addressed by using reverse dns resolutions. This is also the reason why you will get crazy names associated with your IP address, but nevertheless, associated with a valid domain like mindspring.
Here is an example:
adsl-12-42-115-68.[abbreviatedcityname][STATE].mindspring.com
(it is a fictitious address, and name,)
and this would be the name for the temporary IP address assigned by the DHCP server to that client (the translation is not this obvious sometimes, 68.115.42.12)
The point is the reverse lookup will identify a spoofed address in the header, and the network engineers typically will mmediately go after teh source, you would be surprised at the speed with which they move.
If your firewall successfully blocked them, then you are doing good. You can do a reverse look up on the source of this traffic, and go to ARIN, get their domain name, and complain to their network administrator whose E-Mail will be listed there, they do take these complaints seriously.
Here is the address for the ARIN whois search page:
http://www.arin.net/whois/
Snoofing - a percentage of people commonly provide false information on web-site administration forms out of the fear of loss of privacy. Teh privacy of providing false or anonymous identities out on the Internet is snoofing. While snoofing can be used for good purposes for those who misrepresent their identity for legal reasons, often the spoofing of identities is done illegally every day. Many companies are involved in this Internet misrepresentation. One such company, while they weren't dealing with PEBES information, one such company, Cyber Promotions, has recently been to civil federal court on six separate cases and lost, being charged with activities associated with misrepresentation, false identities and stealing computer resources. They were harvesting web-based information they felt to be profitable.
It is not a protocol related thing.
