Security in Computer Networks

8.7.3 Spoofing
Home | Introduction | 8.1 What Is Network Security? | 8.2 Principles of Cryptography | 8.3 Authentication | 8.4 Integrity | 8.5 Key Distribution and Certification | 8.6 Access Control: Firewalls | 8.7 Attacks and Countermeasures | 8.8 Security in Many Layers: Case Studies

A user with complete control over that device's software can easily modify the device's protocols to place an arbitrary IP address into a datagram's Source Address field.  This is known as IP spoofing.  A user can thus craft an IP packet containing any payload atat it desires and make it appear as if that data were sent from an arbitrary IP host.  IP spoofing is often used in denail-of-service attacks in order to hide the originator(s) of the attack.  With a spoofed source IP address on a datagram, it is difficult to find the host that actually sent the datagram.
 
From a technical standpoint, spoofing can be easily prevented. Routers that perform ingress filtering check the IP address of incoming datagrams and determine whether the source address is in the range of network addresses that are known to be reachable via that interface.  This check can be easily performed at the edge of a network.