|
|
Masquerading is used by a perpetrator for impersonation. For instance, he can get a false identity by spying out the user ID and password (cf. T 5.9 - Unauthorised use of IT systems), by manipulating the originator field of a message, by manipulating the I/O address within the network, or by manipulating the calling number display (calling line identification presentation) for ISDN.
A user who has been deceived about the identity of his communication partner can, in that case, easily be induced to disclose sensitive information.
A perpetrator can also use masquerading to try to connect to an already existing connection without having to authenticate himself, as this step has already been taken by the original participants in the communication.
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |