Thanks, I understand it now. If someone could close or get rid of this post unless someone else has something to contribute.
I have. The concept of spoofing an IP address is very simple in principle. When your computer sends any packet over the internet, it contains headers with information about the packet. Two important headers are the "source" and "destination" of the packet. Spoofing simply means getting software to send packets with a fake source.
Secondly, spoofing is only useful with UDP packets and ICMP. These packets are sent to a host without a connection as such being established. The majority of protocols use TCP, whereby data is only exchanged after both sides negotiate a connection. If you need to open a TCP connection, you must send a request, and the remote host sends you back an ACKWNOWLEDGE packet - this is why TCP connections cannot be spoofed - the packet will not be received by you but by whomever's source address you faked, and will simply be ignored.
As to the issue of legality/morality, spoofing simply comes down to sending a custom packet over a network. It is in no way illegal or immoral. It is what you use the technique for that causes problems. If you use it to flood a host with an attack and try to hide your real identity, it is both illegal and immoral. However this does not mean that you arent entitled to know the basic concepts.
As with anything spoofing has a lot of very important and good uses. For example if you use a NAT/gateway to connect to the internet. They work by spoofing packets that look to your computer as if they are from the remote host, and modifying your replies so the remote host thinks your NAT box initiated the connection. This way you can connect 'transparently' with networks you arent directly connected to. If it wasnt for packet spoofing, the remote computer would think "192.168.0.10" or whatever is connecting to it, replies would be lost, and the thing would just collapse. The term spoofing just means sending a packet with a custom source address - nothing illegal! If you combine spoofing with a network attack, the spoofing part isnt illegal, but the "attack" part is.
Linear Mode
