IP Spoofing is a security exploit where an Intruder attempts to send packets to a system which appear to originate from a source other than the Intruder's own. If the target system already has an authenticated TCP session with another system on the same IP network, and it mistakenly accepts a spoofed IP packet, then it may be induced to execute commands in that packet, as though they came from the authenticated connection.

Improved reliability and routing filters in major Internet routers make this attack largely obsolete on the Internet in cases where the Intruder and target system are topologically distant.

Return to IT Security Concepts