Back

Definition
IP spoofing is the act of forging the source IP address in network packets so they appear to come from a different device. Attackers use spoofed IPs to hide their location, impersonate trusted hosts, or redirect responses toward a victim.

Why it matters
IP spoofing enables attacks that are harder to trace, including reflection and amplification attacks that flood a target, and it can be used to bypass simple IP based access controls. Detecting and blocking spoofed traffic is essential for network security.

Example use case
An attacker spoofs the IP address of a target and sends requests to misconfigured servers that reply to the spoofed address. The victim receives a large volume of unsolicited replies and their service is disrupted.