Pecunix

Referer spoofing

Welcome to our website. It is generaly simplier version of wikipedia. You will find there selected articles. Enjoy!

 This article does not cite any references or sources.
Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (March 2008)

In computer security, referrer spoofing or ref tar spoofing is the sending of incorrect referrer information in an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It is also used to improve the privacy of an individual using a web browser to view World Wide Web sites, by replacing valid referer data with incorrect data, though most users simply suppress their web browser from sending referrer data, and may also modify other HTTP headers.

Application

Some websites, especially many image hosting sites, utilize referrer information to secure their materials: only browsers arriving from their web pages are served images. Additionally a site may want users to click through pages with advertising content before directly being able to access a downloadable file - using the referring page or referring site information can help a site redirect unauthorized users to the landing page the site would like to use.

If attackers acquire knowledge of these approved referrers, which is often trivial because many sites follow a common template, they can use that information combined with this exploit to gain free access to the materials.

Spoofing often allows legitimate access to a site's content where the site's web server is configured to block browsers that do not send referrer headers. Website owners may do this to disallow hotlinking.

It can also be used to defeat referrer checking controls that are used to mitigate Cross-Site Request Forgery attacks.

Tools

Several software tools exist to facilitate referrer spoofing in web browsers. Some are extensions to popular browsers such as Mozilla Firefox or Internet Explorer, which may provide facilities to customise and manage referrer URLs for each website the user visits.

Other tools include proxy servers, to which an individual configures their browser to send all HTTP requests. The proxy then forwards different headers to the intended website, usually removing or modifying the referrer header. Such proxies may also present privacy issues for users, as they may log the user's activity.

See also

Retrieved from "http://en.wikipedia.org/wiki/Referrer_spoofing"


Advertisement. Check our sponsors: Liberty Reserve web hosting mieszkanie kerasan ego Szkoły policealne Swarovski głośnikipozycjonowanie | siwy | Reumatolog | Pediatria | Nefrolog | Kardiochirurgia | Najlepsze ogłoszenia Giełda samochodowa Super samochody | szybkie czytanie gdynia | chrysler silniki | chrysler ochrona środowiska | szkoła wspinania | hydraulik szczecin | porządkowanie dokumentów | szkoła jazdy płock | restauracja chińska trójmiasto
Thanks for your time.
All text is available under the terms of the GNU Free Documentation License