Definitions[]
IP spoofing (also IP address spoofing) refers to
“ | sending a network packet that appears to come from a source other than its actual source.[1] | ” |
“ | [a] type of attack in which the attacker steals a legitimate network (e.g., IP) address of a system and uses it to impersonate the system that owns the IP address. | ” |
Overview[]
This is accomplished by changing the source information (IP address) contained in the header of a network packet to an address other than that of the originating machine. Routers only use the destination IP address to forward TCP/IP packets; they do not verify the source IP address. The only time the source address is needed is when the destination machine uses this source address to respond back. Forging the source IP address causes all responses to this communication to be directed to a machine other than the origin, thus effectively disguising the source of an attack that implements this technique.