04-13-2006, 02:54 PM
Coop

Spoofing is a little complicated to explain, and doesn't really affect you if you only have a single IP address. Basically, if you had a network of several different machines, you may adjust your firewall rules so that your internal machines have more access to each other than external machines. You may, for example, decide that all ports are open between internal machines, but only ports 80, 443 and 25 for external machines. This is a common setup.

If your network is not properly protected, it is possible for someone to set up a machine externally that uses a spare IP from your local network (only works with real IPs, as most internet routers will not route the private blocks such as 192.168.* etc.). So they have a machine that has potentially greater access to your network.

They then set up a static route on their machine saying that to talk to your network, the machine should route all packets via your router. If done correctly, and your router is not properly protected, then they will have the same access to your network as any other local machine.

There are several ways around this problem, but the most common is to make your router drop any packets coming from the internet interface that have IP addresses on your local network. Protection can also be put in place at the Ethernet level by locking IPs to MAC addresses to make things even more difficult, but your typical home router / switch does not include that facility.
__________________
Coop
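Added example, not part of Coop's post: a small Python model of the router rule described above, comparing a filter that trusts the source address alone with one that first drops local-network sources arriving on the internet interface. The interface names `wan`/`lan`, the `203.0.113.0/24` local network and the sample packets are constructed assumptions.

```python
import ipaddress

# Constructed values: a documentation-range block standing in for a "real IP" LAN.
LOCAL_NET = ipaddress.ip_network("203.0.113.0/24")
PUBLIC_PORTS = {80, 443, 25}  # ports the post opens to external machines


def weak_filter(iface, src, dport):
    """Trusts the source address alone: internal-looking sources get all ports."""
    if ipaddress.ip_address(src) in LOCAL_NET:
        return "ACCEPT"
    return "ACCEPT" if dport in PUBLIC_PORTS else "DROP"


def hardened_filter(iface, src, dport):
    """Same policy, but local-network sources seen on the internet side are dropped."""
    if iface == "wan" and ipaddress.ip_address(src) in LOCAL_NET:
        return "DROP"  # a local address cannot legitimately arrive from outside
    return weak_filter(iface, src, dport)


# Constructed sample packets: (arrival interface, source IP, destination port)
PACKETS = [
    ("lan", "203.0.113.10", 22),   # genuine internal host
    ("wan", "198.51.100.7", 443),  # external client, public port
    ("wan", "198.51.100.7", 22),   # external client, closed port
    ("wan", "203.0.113.50", 22),   # spare local IP claimed from outside
]


def evaluate(filter_fn):
    """Return the verdict of filter_fn for each sample packet, in order."""
    return [filter_fn(*pkt) for pkt in PACKETS]


if __name__ == "__main__":
    weak, hard = evaluate(weak_filter), evaluate(hardened_filter)
    for pkt, w, h in zip(PACKETS, weak, hard):
        print(pkt, "weak:", w, "hardened:", h)
```

Only the last packet changes verdict between the two filters, which is the case the post's router rule is meant to catch.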