MAC Spoofing and IP Spoofing

a host can arbitrarily select any MAC and/or IP address and attempt to use it on the network
while each network interface has a burned-in MAC address,
- can be changed to any arbitrary value using packet crafting software
threat actor can spoof MAC or IP address to
- circumvent access control
- impersonate a legitimate user
in order for this to succeed,
- threat actor must disable the legitimate host
- otherwise will be duplicate addresses on the network
  - will have unpredictable results

Info

IP spoofing is used in most DoS attacks to mask the origin of the attack and make it harder for the target system to block packets from the attacking system.

threat actor does not care that they will not receive replies

different from on-path attack

adam's notes

MAC Spoofing and IP Spoofing

Graph View

Backlinks