08-09-2017, 10:41 AM
In computer networks IP spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a false source IP address, for the purpose of hiding the identity of the sender or impersonating another computer system . One technique that a sender can use to maintain anonymity is to use a proxy server.
When IP spoofing is used to hijack a browser, a visitor who writes the URL (Uniform Resource Locator) of a legitimate site is taken to a fraudulent web page created by the hijacker. For example, if the kidnapper forged the Library of Congress Web site, any Internet user who typed in the URL www.loc.gov would see counterfeit content created by the abductor.
If a user interacts with dynamic content on a fake page, the user can access sensitive information or resources from the computer or from the network. It could steal or alter sensitive data, such as a credit card number or password, or install malware. The abductor could also take control of a compromised computer to use as part of an army of zombies to send spam.
Web site administrators can minimize the danger of their IP addresses being spoofed by implementing hierarchical or unique passwords and data encryption / decryption techniques. Users and administrators can protect themselves and their networks by installing and deploying firewalls that block outbound packets with source addresses that differ from the IP address of the user's computer or the internal network.