From CryptoDox, The Online Encyclopedia on Cryptography and Information Security
IP spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
Spoofing is done by creating TCP/IP packets using somebody else's IP address. Routers use the "destination IP" address in order to forward packets through the Internet, but ignore the "source IP" address. That address is only used by the destination machine when it responds back to the source.
Examples of Spoofing
- Man-in-the-middle: Packet sniffs on link between the two end points, and can therefore pretend to be one end of the connection
- Routing redirect: Redirects routing information from the original host to the hacker's host (this is another form of man-in-the-middle attack).
- Source routing: Redirects indvidual packets by hackers host
- Blind spoofing: Predicts responses from a host, allowing commands to be sent, but cannot get immediate feedback.
External Links
