IP spoofing refers to an attacker’s attempt at masquerading as the legitimate user by spoofing the victim’s IP address. The concept of spoofing can apply to a variety of attacks in which an attacker spoofs a user’s identifying information. Let’s draw a line in the sand here and definitively agree that spoofing is a different approach and attack from session hijacking; however, they are related in that both approaches aim at using an existing authenticated session to gain access to an otherwise inaccessible system.
1 Comment