Antispoofing is a technique for identifying and dropping packets that have a false source address.

In a spoofing attack, the source address of an incoming packet is changed to make it appear as if it is coming from a known, trusted source. Spoofed packets are commonly used to carry out denial of service (DoS) attacks, exploit network and system vulnerabilities and gain unauthorized access to corporate networks and data.

Spoofed packets can be detected by setting up rules on a firewall, router or other network gateway that examines incoming packets. For example, if the rule is to filter out packets that have conflicting source addresses, a packet that shows a source address from the internal network will be automatically dropped because internal packets are never filtered by outside-facing interfaces.

Antispoofing, which is sometimes spelled anti-spoofing, is sometimes implemented by Internet Service Providers (ISPs) on behalf of their customers.

See also: Sender Policy Framework, Email spoofing, IP spoofing

This was last updated in July 2014

Continue Reading About antispoofing

Dig Deeper on Threat detection and response

Enterprise Desktop
Cloud Computing