1. The word "spoof" generally means the act of forging your identity. More specifically, it means forging the sender's IP address (IP spoofing). Analogy: When you send a letter via normal post (snail mail), you write the recipient's name and address on the envelope. You typically also write the sender's name and address as well, so that if there is an error forwarding you letter (e.g. a stamp falls off), they know who sent the letter and can return it. However, you can easily spoof it. For example, someone I know absolutely had to send a letter, but had no stamps. So he simply put the actual recipient's name as the return address section of the envelope and dropped it into the mail box. The letter was returned to sender, which of course arrived at the intended recipient. Misunderstanding: Most people are interested in spoofing because they think it will allow them to hack a machine in a completely anonymous manner. It doesn't work this way. For example, Mitnick used IP spoofing in order to attack Shimomura's computers, but was caught anyway because spoofing does not truly hide the attacker. The problem is that all responses go back to the sender, so if you've spoofed the sender, you'll never see the responses. Therefore, the spoofing is useless for any normal activity. On the other hand, spoofing can still be useful in situations where seeing the response is not necessary. In the Mitnick instance, two machines trusted each other. Therefore, Mitnick was able to emulate and entire connection between the two machines by "predicting" what all the responses would be. He used this connection to open up something on the victim machine that he could then connect to normally. It was precursor scanning the and the post-spoof connection that Shimomura used to catch Mitnick. Example: A particularly nasty form of a spoofing is TCP sequence number prediction. Theoretically, you cannot spoof any protocol based upon TCP connections. This is because both sides of a TCP connection choose their own Initial Sequence Number (ISN). In theory, this is a completely random number that cannot be guessed. In practice, it can sometimes be easily guessed. Mitnick used this technique when hacking Shimomura. As of the end of 1999, operating systems such as Linux, WinNT, and Win2k have implemented truly random ISNs in order to defeat this type of attack. Example: In terms of volume of traffic, the most common use of spoofing today is smurf and fraggle attacks. These attacks spoofed packets against amplifiers in order to overload the victim's connection. This is done by sending a single packet to a broadcast address with the victim as the source address. All the machines within the broadcast domain then respond back to the victim, overloading the victim's Internet connection. Since smurfing accounts for more than half the traffic on some backbones, ISPs are starting to take spoofing seriously and have started implementing measures within their routers that verify valid source addresses before passing the packets. As a consequence, spoofing will become increasingly more difficult as time goes on. Key point: Most of the discussion of spoofing centers around clients masquerading as somebody else. On the other hand, the reverse problem is equally worrisome: hackers can often spoof servers. For example, I post on my website that there is a serious security fix needed to protect yourself while on the web, and point you to http://www.micrsoft.com and hope that you never notice that the URL is misspelled. You would then go to that site (which would be really my server) and download the patch, which would really be a Trojan Horse that I designed in order to break into your computer. This is why server-side certificates are important: they allow someone to validate that the server isn't bogus. Key point: As the analogy with postal mail shows, many things can be forged, not just the sender's IP address. Most spammers forge their sender's e-mail address in order to avoid all the hate mail they will receive in response. Forging your own sender e-mail address is as simple as reconfiguring your e-mail client -- anybody can do it. (However, there are more secrets to this, which mean you can still be caught by any determined person). Contrast: Blind spoofing describes when you have no knowledge of the responses. Non-blind spoofing is when you are somewhere "in the line of site" as one end of the connection and can sniff some packets. For example, you may spoof a neighbor on the same cable-modem segment. Non-blind spoofing is also used in sniffers like juggernaut to either kill connections or to hijack them. From Hacking-Lexicon

2. vi. To capture, alter, and retransmit a communication stream in a way that misleads the recipient. As used by hackers, refers especially to altering TCP/IP packet source addresses or other packet-header data in order to masquerade as a trusted machine. This term has become very widespread and is borderline techspeak. From Jargon Dictionary