Jump to content

IP address spoofing

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Aldie (talk | contribs) at 14:22, 23 May 2003. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.


In computer networking, the term Internet protocol spoofing (IP) is the creation of IP packets with counterfeit (spoofed) IP source addresses.

This can be a method of attack used by network intruders to defeat network security measures such as authentication based on IP addresses.

An attack using IP spoofing may be an initial step leading to unauthorized user access, and possibly root access, on the targeted system.

A packet filtering router or a firewall may not provide adequate protection against IP spoofing attacks. It is possible to route packets through this type of device is not configured to filter incoming packets having source addresses on the local subnet.

IP spoofing is possible even if no reply packets can reach the attacker. For example if using UDP.

A method for preventing IP spoofing problems is to install access control lists on a router that does not allow incoming packets to have a source IP address different from the local network address. In addition, outgoing packets should not be allowed to contain a source address different from the IP network, in order to prevent an IP spoofing attack from originating from the local network.

Source: from Federal Standard 1037C

Retrieved from "https://en.wikipedia.org/w/index.php?title=IP_address_spoofing&oldid=971359"