What attack manipulates legitimate traffic to appear as it originates from the victim's address?

The attack that manipulates legitimate traffic to appear as if it originates from the victim's address is IP spoofing. This technique involves forging the source IP address in an IP packet so that the packet appears to come from a trusted source, effectively disguising the actual source of the attack. This can allow an attacker to bypass security controls, create confusion, and facilitate various types of attacks, such as denial of service or session hijacking.

When an attacker employs IP spoofing, they can send malicious packets to a target while masking their identity, potentially leading to successful exploitation of vulnerabilities in systems that rely on IP address whitelisting or similar security measures. By impersonating a trusted source, attackers can also manipulate sessions or inject malicious traffic into an established connection.

Understanding how IP spoofing works and its implications is vital for network security. Organizations need to implement measures such as ingress and egress filtering to help detect and prevent spoofed traffic from entering or leaving the network, significantly reducing the risk of such attacks.