IP spoofing is a type of DoS attack in which the attacker replaces the IP address of his/her machine with a fake IP address which is similar to the IP addresses of the client machines. Further, it creates an illusion for the server that the requested packets are coming from the client machines having a valid IP addresses. The intention of the attacker is to harm the original owner of the IP address and mislead the server or receivers by hiding the original identity of the sender. The attacker pretends as the trusted client machines in front of the server. Attackers select and use the IP addresses that are within the range of the IP addresses of the server. Sometimes, attackers also use authorised and trusted external IP address that permits to access the network resources.
There is a host machine Host A and an attacker machine. The Ip address of host machine is 192.168.0.90. The attacker spoofs the IP address of Host A and sends the packets to the server. The server assumes that packets are coming from Host B.
IP spoofing can only damage the data or commands and is limited to peer-to-peer connection. For bidirectional communication, the attacker needs to change the routing tables of the network. Thus, post changing it, the attacker can receive the network packets to its spoofed IP addresses. The attackers use some tools such as protocol analyzer or password sniffers, scanning tools and sequence number modification for spoofing of the IP addresses of the client machines.