A technique used to gain unauthorized access
to computers, whereby the intruder sends messages to a computer
with an IP address indicating that the message is coming from
a trusted host. To engage in IP spoofing, a hacker must first
use a variety of techniques to find an IP address of a trusted
host and then modify the packet headers so that it appears that
the packets are coming from that host.
Newer routers and firewall arrangements can offer protection against
Forging an e-mail header to make it appear
as if it came from somewhere or someone other than the actual
source. The main protocol that is used when sending e-mail --
SMTP -- does not include a way to authenticate. There is an SMTP
service extension (RFC 2554) that allows an SMTP client to negotiate
a security level with a mail server. But if this precaution is
not taken anyone with the know-how can connect to the server and
use it to send spoofed messages by altering the header information.