This case study examined a forged TCP SYN packet using a spoofed internal IP address as its source. The attacker did not attempt to complete a session or deliver a payload — instead, they employed identity deception at the IP layer, crafting traffic designed to resemble trusted internal communication.