Common Network Attack Strategies: Masquerade - dummies

Common Network Attack Strategies: Masquerade

By Edward Tetz

A common network attack strategy is the masquerade attack, a type of spoofing attack where the attacker pretends to be someone or some network device which he is not. E-mail addresses, URLs, and network devices, such as routers, can all be spoofed. Masquerade attacks often succeed because people see what they expect to see.

One effective masquerade is to create a fake Windows server. Clients on that network automatically attempt to authenticate to this fake Windows server with their current logon credentials.

A client does this authentication by accepting a random challenge word from the server, encrypting it using her password as the encryption key, and sending that newly encrypted string to the server.

The attacker running the masquerade server knows what word was originally sent as the challenge, so he can compare that encrypted string with the string he gets from a series of password attempts. When the attacker finds a matching string, he knows the password.