IP spoofing is the creation of IP packets using someone else's IP address. DNS spoofing is the substitution of a different IP address for a DNS name. DNS spoofing is commonly achieved by corrupting the DNS database of the DNS server your computer connects to in order to match human readable computer names to physical IP addresses. In both instances, the computer you are connecting to is not the server you expect.
This can be used, for example, to trick you into giving your server user name and password to the computer acting as the impostor. Alternatively, the impostor might simply act as a conduit whilst talking to the real server on your behalf. This is called a "Man-in-the-middle attack" and is commonly used to intercept network traffic without the knowledge of the original participants.
SecExMail protects against IP and DNS spoofing via SSL / TLS certificates. At the start of each connection attempt, the server certificate is verified to establish the server's true identity and the digital signature of the certificate is recorded. (Offshore and Corporate edition only )
|