Spoofing (Identity or IP Address Spoofing)

Spoofing (Identity or IP Address Spoofing)

Any internet connected device sends IP datagrams which are internet data packets into the network. These datagrams carry application layer data and the sender’s IP address and if the attacker is able of getting the control over the software running on a network device, it gets easy for them to alter the device’s protocols and putting an arbitrary IP address into the data packet’s source address field. Spoofers do it so that it becomes difficult to find the actual host who sent the datagram.

Ingress filtering is the countermeasure of spoofing and routers usually perform this. Routers perform ingress filtering to check the IP address of incoming datagrams and try to find out if the source addresses which are to be known, to be reachable via that interface. Router discards the source address of the packets which are not in the valid range.