IP spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host.
In short, spoofing means pretending to be someone you are not.
The most common method of attack:
DNS server spoofing attack
The most complex attack is to alter the address the master DNS servers will resolve for a given URL (Universal Resource Locator). The URL that an Internet user types in is not the numeric address of the site required, but an alphanumeric address structure. The DNS (Domain Name Server) servers convert, say, www.robertschoch.net, into a real Internet address, which is 67.19.195.164. This has to be done because people don’t generally remember and associate 12 digit (Octet) numbers with anything.
This method of attack has been successfully accomplished when it alters the server list, so that, for a period of time, users requesting some sites were redirected to the wrong addresses.
This type of attack is a huge threat and the Internet naming and addressing authorities have taken it very seriously. DNS servers have incorporated numerous security measures to prevent repetitions of this attack from being successful. These include having the servers mirror and monitor each other as well as controlling very carefully how updates are introduced into the servers.
IP Spoofing is probably the most common method of stealing your persoanl information next to inadvertantly giving it away in, for example, a fictitious email requesting that your bank account or credit card information was lost in a server crash...
Steve LeMaster