Spoofing refers to when someone/something pretends to be something that they aren’t. Examples include fake web servers, fake DNS servers, fake email address, caller ID, etc.
Spoofing is commonly used in Man in the Middle attacks.
MAC spoofing is when a device pretends to have a MAC address that it really doesn’t. A MAC address is a unique burned in address that every Ethernet device has. However, many network drivers allow you to change the MAC to anything you desire. Changing the MAC address has legitimate uses such as when an internet provider or application requires a certain MAC address.
MAC spoofing can be used to get around MAC address based Access Control Lists (ACLs) or to get around wireless MAC address filters on the access point.
IP address spoofing is also a tactic used by malicious actors. This is when someone takes the IP address of a legitimate device and uses the IP address to make traffic appear to come from that legitimate device. IP address spoofing can be used for legitimate purposes such as load balancing and load testing. For malicious purposes, IP spoofing could be used in ARP poisoning, DNS amplification, and DDOS attacks.
