A user transmits packets with an IP address and makes it look like its coming from a trusted source. Welcome to the world of IP spoofing.
What is spoofing?
Spoofing is the act of fooling and presenting false data to appear credible especially its source. Before a spoof can be successful, the spoofer first determines the IP address of a trusted host. Once this is determined, the attacker then goes ahead and changes the packet headers to make it seem like the transmission is from the trusted source effectively spoofing the target. What sorts of attacks though can be launched with IP spoofing?
While it is difficult to predict the correct sequence number of packets transmitted, blind spoofing is achieved by a cracker who injects data into a packet stream without having to authenticate him or herself. Blind spoofing requires a cracker to first send requests to a network and then be able to analyze the transmission sequence in order to successfully implement a blind spoof.
This involves a cracker who resides on the inside of a network and is therefore capable of determining the sequence cycle of packet transmission. Having this knowledge will allow an attacker to hijack sessions, bypass authentication mechanisms in place. Further, the attacker can sniff and inject packets at will.
The denial-of-service attack involves sending multiple hosts a constant stream of packets in what is referred to as a large-scale attack. This eventually results in all streams being spoofed thereby making it very difficult to track down the source of the packet storm.
This usually involves an eavesdropping mechanism where a malicious machine intercepts packets, alters the packets and sends them along to the intended destination. This is where the spoofing element enters the equation. Since both the originating and the receiving machines are unaware that the communication has been compromised.
How to protect yourself from IP spoofing? Use a VPN service. It hides your IP address and encrypts your Internet traffic.