Monday, December 8, 2008

How spoofing is done

The header of every IP packet contains its source address. This is normally the address that the packet was sent from. By forging the header so that it contains a different address, an attacker can make it appear that the packet was sent by a different machine. Network intruders can use this method of attack to defeat network security measures, such as authentication based on IP addresses.

This method of attack on a remote system can be extremely difficult, as it involves modifying thousands of packets at a time and cannot usually be done using a Microsoft Windows computer. IP spoofing involves modifying the packet header, which lists, among other things, the source IP, destination IP, a checksum value, and, most importantly, the order value in which it was sent. When a machine sends packets into the Internet, they may, and probably will, arrive out of order, and must be put back together using the order-sent value. IP spoofing involves solving the algorithm that is used to select the order-sent values and modifying them correctly. This poses a major problem because if one evaluates the algorithm incorrectly, the IP spoof will be unsuccessful.

This type of attack is most effective where trust relationships exist between machines. For example, it is common on some corporate networks to have internal systems trust each other, so that a user can log in without a username or password provided they are connecting from another machine on the internal network (and so must already be logged in). By spoofing a connection from a trusted machine, an attacker may be able to access the target machine without authenticating.
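Because the source address is only a claim in the header, a border device can refuse packets that arrive from outside while claiming an internal source. The following Python sketch of that check is an added example, not part of the original post; the 10.0.0.0/8 prefix, the function names and the sample headers are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Assumption: the site's internal (trusted) prefix; substitute your own.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

def checksum(header: bytes) -> int:
    """Ones'-complement checksum over the header's 16-bit words (RFC 1071)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(packet: bytes) -> dict:
    """Extract the claimed source/destination and check header integrity."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad header length")
    header = packet[:ihl]
    return {
        "src": ipaddress.ip_address(header[12:16]),
        "dst": ipaddress.ip_address(header[16:20]),
        # Detects corruption only; it says nothing about who sent the packet.
        "checksum_ok": checksum(header) == 0,
    }

def is_spoofed_internal(packet: bytes, arrived_on_external: bool) -> bool:
    """True when a packet from outside claims an internal source address."""
    src = parse_ipv4(packet)["src"]
    return arrived_on_external and any(src in net for net in INTERNAL_NETS)

def sample_header(src: str, dst: str) -> bytes:
    """Constructed test fixture: 20-byte IPv4 header with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                      ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

if __name__ == "__main__":
    for src, external in [("10.0.0.5", True), ("10.0.0.5", False),
                          ("203.0.113.7", True)]:
        pkt = sample_header(src, "10.0.0.9")
        verdict = "DROP" if is_spoofed_internal(pkt, external) else "pass"
        print(f"src={src} external={external} -> {verdict}")
```

The same internal source address passes when it arrives on the internal interface and is dropped when it arrives on the external one, which removes the basis for the address-only trust described above.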
