3.3. Spoofing

An IP spoofing attack is one in which the source IP address of a packet is forged. There are generally two types of spoofing attacks: IP spoofing used in DoS attacks, and man in the middle attacks.

IP spoofing-based DoS attacks are relatively straightforward. An attacker sends a packet (SYN) with a forged source IP address to the target host. The forged address is often in the RFC 1918 address space, though it does not have to be. The targeted host sends an acknowledgement (ACK) and waits for a response. The response never comes, and these unanswered queries remain in the buffer of the targeted device. If enough spoofed queries are sent, the buffer will overflow and the network device will become unstable and crash.
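The pattern described above can be spotted from packet records: SYNs that never complete pile up per target, and RFC 1918 sources on an Internet-facing link cannot be genuine. The following detection sketch is an added example, not code from the book; the record layout, the `analyze` function, the threshold, and the sample traffic are all assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# RFC 1918 private ranges: sources in these blocks should never arrive from the Internet side.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def analyze(packets, threshold=3):
    """packets: inbound (src, sport, dst, dport, flags) tuples in arrival order.
    flags is "S" (SYN), "A" (final ACK) or "R" (RST). Returns
    (private_sources, half_open_per_target, targets_at_or_over_threshold)."""
    pending = set()            # handshakes with a SYN seen but no completing ACK yet
    private_sources = set()    # SYN sources that cannot be genuine on an external link
    for src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags == "S":
            if is_rfc1918(src):
                private_sources.add(src)
            pending.add(key)
        elif flags in ("A", "R"):
            pending.discard(key)   # handshake completed or torn down
    half_open = Counter((dst, dport) for _, _, dst, dport in pending)
    flagged = sorted(t for t, n in half_open.items() if n >= threshold)
    return private_sources, half_open, flagged

# Constructed sample traffic (documentation address ranges plus RFC 1918 sources).
SAMPLE = [
    ("203.0.113.5", 40001, "198.51.100.10", 80, "S"),
    ("203.0.113.5", 40001, "198.51.100.10", 80, "A"),   # legitimate client completes
    ("10.1.1.1", 1025, "198.51.100.10", 80, "S"),
    ("172.16.5.9", 1026, "198.51.100.10", 80, "S"),
    ("192.168.0.77", 1027, "198.51.100.10", 80, "S"),
    ("203.0.113.99", 1028, "198.51.100.10", 80, "S"),   # never answers, but not provably forged
]

if __name__ == "__main__":
    private, half_open, flagged = analyze(SAMPLE)
    print("private-range sources:", sorted(private))
    print("half-open per target:", dict(half_open))
    print("targets over threshold:", flagged)
```

The fourth unanswered SYN shows why the half-open count matters alongside the address check: a forged source outside RFC 1918 passes the range filter but still leaves a pending entry on the target.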

Man in the middle attacks are ...
