74     Chapter 2 • General Security Concepts: Attacks

             sending out massive amounts of mail impersonating a Web site they have spoofed.
             They claim to be from the human resource department, accounts receivable, com-
             plaints, and so forth, and produce an official looking notice alerting the user they
             need to login to their account for one reason or another.The “link” to the official
             site masquerades a connection to the spoofed site. Once the user goes to the
             spoofed site, it’s very hard to differentiate it from the real one. Once the user enters
             the credentials, usually they are redirected to the real site after the attacker has
             stolen the credentials, and the user doesn’t have any idea of what happened.
                 The best way to protect from phishing and Web site spoofing is to always keep
             your Internet browser patched, and to check the URL address bar to verify the
             correct site is accessed. Phishing is so dangerous that the latest versions of major
             browsers, including Internet Explorer, Firefox and Opera, have added built-in
             phishing protection, and sites like Google and eBay offer their own toolbar that
             include anti-phishing protection.You can visit the Anti-Phishing Working Group, a
             coalition of industry and law-enforcement agencies focusing on eliminating fraud
             and identity theft that result from phishing, pharming, and other e-mail spoofing
             efforts. For more information go to www.antiphishing.org.
                 In closing, identity is one of the most critical needs in network security; unfor-
             tunately, it is also the most often unappreciated need.As it stands, online identity is
             easy to claim but difficult to verify.

             Wardialing

             Wardialing, which gets its name from the film “WarGames,” is the act of dialing
             large blocks of telephone numbers, via modem, searching for a computer with
             which to connect.The attacker in this case uses a program known as a wardialer to
             automate this process.These programs are usually quite flexible and will dial a
             given block of numbers at a set interval, logging whatever they may happen to
             find.While this technique was previously heavily used, telecom technology now
             makes it easier to identify war dialers, therefore making it slightly more of a risk to
             potential attackers.
                 From the viewpoint of someone in charge of securing a large corporate infras-
             tructure, it makes sense to wardial all known company lines to check for modems
             that may be connected without your knowledge.Though the practice is on a
             decline, installation of unauthorized modems by employees still represents a huge
             threat to enterprise security.







          www.syngress.com