Antispoofing is a technique for identifying and dropping packets that have a false source address.
In a spoofing attack, the source address of an incoming packet is changed to make it appear as if it is coming from a known, trusted source. Spoofed packets are commonly used to carry out denial of service (DoS) attacks, exploit network and system vulnerabilities and gain unauthorized access to corporate networks and data.
Spoofed packets can be detected by setting up rules on a firewall, router or other network gateway that examines incoming packets. For example, if the rule is to filter out packets that have conflicting source addresses, a packet that shows a source address from the internal network will be automatically dropped because internal packets are never filtered by outside-facing interfaces.
Antispoofing, which is sometimes spelled anti-spoofing, is sometimes implemented by Internet Service Providers (ISPs) on behalf of their customers.
Continue Reading About antispoofing
Dig Deeper on Real-time network monitoring and forensics