What is IP Spoofing?
In computer networking, IP address spoofing or IP spoofing is the creation of Internet Protocol packets with a false source IP address, for the purpose of impersonating another computing system or website.
How does IP spoofing work?
To break things down, IP (Internet Protocol) packets house information like IP addresses and the destination IP addresses. IP addresses allow computers to send and receive information, when connected to wi-fi. Hackers operate spoofing attacks by changing the source address in the packet header to make the destination think someone is coming in from an accepted source, allowing them to access everything.
How to detect IP spoofing?
IP spoofing can be extremely hard to detect since the attack happens deep at a network level. Most options of detection are typically monitored by an IT specialist. Monitoring networks for any sort of unusual activity is one of the easiest ways to stay on top of this. Placing resources behind a firewall can also be another way to protect internal resources.
How to prevent spoofing attacks?
Egress filtering
This monitors the IP addresses exiting a network by looking at the source packets
Use secure encryption protocols like https
Since it can be difficult as an end user to stay on top of IP spoofing surfing sites with https can mitigate risk on legitimate sites
Ingress Filtering
This monitors entering IP addresses to a network. If they don’t match the source they are not allowed in.
Learn More
Developer Resources
Get Started
Find the right YubiKey
Take the quick Product Finder Quiz to find the right key for you or your business.
