Spoofing-Crime

Q:should spoofing be part of the cyber-crime law ? why and why not


Three of the most common are email address spoofing, IP address spoofing, and MAC address spoofing.
In the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. One benefit common to all types of address spoofing is testing. Being able to spoof addresses at different layers of the network lets network and system administrators verify their configurations for correctness without having to wait for similar events to happen on their own.
In case of Ip spoofing the programmer sends packets to other machines through some other ip address. Anonymity is also an important benefit of IP spoofing. It’s important to note, however, that just spoofing your IP address at the local machine isn’t likely to do any good because you won’t get any return traffic and most applications do at least some connection verification.IP address spoofing is commonly used in Denial-of-Service attacks to hide the source of the attacks
One of the difficulties is that the senders don’t need (and don’t want) any return traffic and so spoofing their IP address allows them to make tracking back to the senders very difficult.

Everyone who has ever had an email address knows how severe the spam problem is [11]. Email spoofing lets spammers modify the “from” header to make it appear as if the email is coming from someone else .In e-mail spoofing the sender's address and other parts are altered in order to hide as the mail is orignated from a different source. For the moment, consider what might change if email address spoofing was somehow disabled. The first obvious problem is that you can also include a label with the email address like this: “name whoever@whereever>”. Nearly all email clients these days will only display the label by default and so many users never even see the actual email address. The next problem is that many spammers setup dummy email accounts, that don’t lead back to them, on free web-based email servers. In this case, the spammers don’t even have to use address spoofing and so disabling it won’t help.The primary reason for allowing email spoofing is anonymity. There are plenty of example cases where anonymous communication is necessary.For instance, people living in countries with oppressive governments may have to communicate without identification or face the consequences of speaking out. Even in other countries there are instances when an individual (like an insider or member of a watchdog group) may need to speak out but can’t do it openly for fear of reprisal. In a case like this, all that is needed is access to a public computer from which to send email messages with spoofed addresses. That ensures that the person sending it won’t be identified either by email address or by sending computer. Email spoofing lets spammers modify the “from” header to make it appear as if the email is coming from someone else.

MAC spoofing is often used to allow physically separated (by a router) parts of a logical network to appear as if they are all on the same segment. This is sometimes called transparent subnetting and is done with Proxy ARP. MAC spoofing can also be used to ease transitions when MAC addresses are used as identification.Malicious users use MAC spoofing to confuse other hosts on the local ethernet into thinking that a machine should receive traffic that it should not. This can lead to man-in-the-middle attacks, unauthorized packet sniffing, or even DoS attacks.

CONCLUSION:
I believe that address spoofing should be allowed. While address spoofing is currently used in some malicious ways, I don’t think that disabling it would actually help all that much. More importantly, address spoofing is used every day for perfectly legitimate purposes and could potentially be used in other ways that no one has yet thought of. Getting a little bit philosophical, should we take something away just because some people abuse it? Take alcohol as an example. Most people drink without causing any problems, but a few people cause irrepairable harm. Should we then stop selling alcohol because of those few who abused it? Regardless, it is clear to me that address spoofing has many benefits and taking it away would gain us very much less than is usually assumed. With that in mind, I will reiterate: You’ll have to pry address spoofing from my cold, dead, spam-stained hands!
Spoofing should not be generally illegal because no hacking is required, unless it involves a direct threat of violence or death and by using such tactic, know as email spoofing programmers exploit the simplicity of Internet STMP (simple mail transport protocol).
The loop holes that prevnt spoofing should be improved,like the protocols,firewalls or the programming on the router level or on the root level must be done in order to prevnt spoofing.

REFERENCES:
WEIKIPEDIA