Spoofing and On-Path Attacks

Spoofing is faking an identity to fool a system or person. An attacker pretends to be a trusted source, like a known IP address, MAC address, email sender, or website, to gain access or intercept traffic.

Spoofing underlies many network attacks. If a device trusts an address blindly, faking that address lets the attacker slip past defenses or redirect traffic.

IP spoofing forges the source IP address in a packet so it appears to come from a trusted host. Attackers use it to bypass IP-based filters, hide their origin, or amplify DoS attacks by tricking servers into replying to a victim.

Because basic IP does not verify the source, spoofing is easy. Defenses include ingress and egress filtering that drop packets with clearly forged source addresses.