Different kinds of spoofing have been around since the 1990s. Mainstream IP spoofing has been used to forge IP packet and data sources and on websites to steal credit card or other private information. Learn how to prevent IP spoofing.
IP spoofing is especially critical since it allows unauthorized users to access the root of the targeted system effectively bypassing one-time passwords and allowing the intruder to access the system using login connections from any user residing in the system.
Use Access Control Lists (ACL)
Since all private networks follow the RFC 1918 standards, identifying the IP addresses of an internal network is not a complex undertaking. After taking a listing of all the IP addresses of authenticated hosts on the internal network, any other IP address coming into the network should be denied access. Any host that accesses the internal network should have an outside IP address since there would be no valid reason for it to have an IP address falling within the internal network range.
Network traffic can be controlled by implementing IPSec filtering rules which control what protocols, ports and IP addresses are allowed or denied access. The Microsoft Management Console (MMC) is used to implement the policy and assign it to individual host computers. The IPSec policy is flexible enough to allow different filter rules to be implemented such as controlling what sites and applications can access hosts. For data privacy, integrity and authenticity, the IPSec protocol is preferred.
Routers can also be configured so that they reject any packets that purport to originate from within the network but are coming from the outside. Alternatively, encryption sessions can be enabled within the router so that only trusted hosts residing outside the network can securely communicate with local hosts from within.
In most cases, IP spoofing can be detected and stopped by implementing the already existing security measures that come with router hardware and current operating systems.