You just need better authentication / encryption.
Basically, never work with raw sockets and IP addresses directly, if you can avoid. Negotiate P2P secure connections, preferably via a secure server, which can also help with the NAT punch-through and packet reflection.
Even then, don't trust the data send by clients. But it's more about game hacks and exploits, and how your game handles cheating, rather than a straight-up security issue.
Roughly how it looks in APIs such as XBox Live, PSN ...
1) player A creates a game session. That game session then resides on a secure server.
2) player A registers himself with the game session (probably part of the game session creation process anyway).
3) all communications between game server and player A are uniquely encrypted and secure.
4) player B searches for the game session.
5) player B finds the game session, then registers himself with the game session.
6) all communications between game server and player B are uniquely encrypted and secure.
7) player A gets notified by the game server that player B is registered with the game session. Received security information on how to connect to player B.
8) player B gets notified by the game server that player A is registered with the game session. Received security information on how to connect to player A.
9) Player A, or player B, or both then attempt to connect to each other. Their communications will be encrypted, and only decipherable by them (ideally).
and so on...
The game layer sees secure addresses being established under the hood, with payloads coming in. The game code doesn't really deal with raw IP's any more (on steam, it's just player Steam Ids). Which makes it a little bit tricky as far as debugging is concerned, but hey.