SPOOFING

Spoofing:

Spoofing is the creation of TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.

A common misconception is that "IP spoofing" can be used to hide your IP address while surfing the Internet, chatting on-line, sending e-mail, and so forth. This is generally not true. Forging the source IP address causes the responses to be misdirected, meaning you cannot create a normal network connection.

However, IP spoofing is an integral part of many network attacks that do not need to see responses (blind spoofing).

Examples of spoofing:

Man-in-the-middle:
Packet sniffs on link between the two end points, and can therefore pretend to be one end of the connection.

Routing redirect:
Redirects routing information from the original host to the hacker's host (this is another form of man-in-the-middle attack).

Source routing:
Redirects indvidual packets by hackers host

Blind spoofing:
Predicts responses from a host, allowing commands to be sent, but can't get immediate feedback.

Types of spoofing:

Text/SMS Spoofs :
Text/SMS Spoofs are sent by either e-mail or through a web site. The sender inputs your number and then inputs the number or name they want you to see on the caller ID. They then input their message and send.

Phone Spoofs:
Phone Spoofs are sent through a phone or a combination of a web site and a phone. Typically either involves a third party company that acts as an intermediary. The sender initiates a call by either visiting the third party company's web site or calling their specified call in number. The sender then inputs the caller ID information they want displayed and they are connected. The third party company does all the work and charges by the minute. These third party companies will even change the sender's voice and record the call for the spoofer.

URL Spoofing:
When the address (A.K.A., domain name or URL) displayed in the address 'location' bar at the top of a browser is not really the web page being displayed it has been spoofed. For example the user may see www.citibank.com in the address location bar but really be on some other web page.

E-mail Spoofing:
It is when a spoofer falsifies the information about whom an e-mail is from. Most spam (unsolicited e-mail) uses e-mail spoofing with the primary intent to trick the recipient into viewing the e-mail. A good example is the thousands of e-mail claiming to be from eBay that are really spam. The spammer usually does not spoof to hide their location. In fact the spammer will go to much greater lengths to hide their actual location using a variety of techniques- so that they can not be found.

IP Spoofing :
Data sent over the internet (such as an e-mail) is broken up and sent in small pieces of information called packets. These packets once received are reassembled by the recipient. Each packet contains information about who the packet is from and who the packet is to, among other data. Spoofers can falsify who the packet is from to trick the recipient. This type of spoofing is often used to gain access to machines which use IP authentication to verify identity. See IP Spoofing for more in depth data.

CONCLUSION:
Now i have descrbed everything about spoofing so I would like tooffer my comment that spoofing should be a part of Pakistan cyber crime bill. But let me make one thing very clear that spoofing is just a part of cyber crime as there are many other major cyber crimes which we are facing tyoday.The way in which the crime spoofing is explained in the Budapest Convention of the Cyber-crime bill is incorrect.We should keep in mind that in our country common people are not aware of these type of things.Moreover the spoofing is not very clearly defined in the bill so that the people are not able to understand that which things are included in the spoofing and which are not.So i would rather say that the people who made this bill will have to give a clear definition of spoofing so that people will become aware of it and these crimes are then avoided.