IP Spoofing is a technique that allows an attacker to adopt the identity of a trusted host (by switching IP addresses), obtaining unauthorized access to systems. In numerous places (under Unix or Linux), there is a file called .rhosts which contains a list of names of trusted hosts. If an attacker can pass himself off as one of these addresses, he would be able to run commands remotely or start a system session even without a password.
IP Spoofing involves sending an IP packet with a false source address, so the recipient believes it comes from another source. This technique can be used for many things, including denial of service attacks.
However, the success of IP spoofing does not just depend on the person sending the packet. Packets sent with spoofed source addresses will not necessarily reach the target.
Today there are numerous devices in large networks, for example in WANs and the Internet, that are able to filter processed traffic. One of these filters is precisely the verification of source IP addresses. The devices that carry out this type of control are:
- Access servers