How serious a threat is IP spoofing?
Since one layer of security on a couple of the ports of my server is a set of firewall rules restricting access to certain IPs, I wonder how strong a barrier this is. I know IPs can be spoofed, but each of the attack methods I am aware of (not counting DoS attacks) requires some form of man-in-the-middle to hijack a legitimate session after it was authenticated in the beginning.
This possibility seems to me to be rather remote, but I wonder if I am wrong. Specifically, I am concerned about TCP port 3306, which is used for updating MySQL databases.
Any opinions?