|
|
Posted by Jerry Stuckle on 01/21/08 19:35
Jonas Werres wrote:
>> Nothing at all to do with PHP.
>
> I think you did not understand what I wrote.
>
> The OP asked if one can spoof the IP address while requesting a document.
> Jerry says (correctly) that it would not be possible to get the answer.
> That might imply that is IS possible to make a request, but the answer
> goes nowhere. That would be enough if the purpose of the request was
> e.g. to delete a database by SQL injection. The answer is unimportant.
>
> What I said was that I think it is not even possible to make a request
> (regardless where the answer would go), because that would require a
> connection which cannot be established with a spoofed IP.
>
Actually, you probably could send out a request from a faked IP address
with the correct hacker tools. But it would have to be short
(everything would have to fit in 7 packets). But it would depend on an
ISP which would accept the spoofed IP address. Correctly configured,
they shouldn't. But we also know how *everyone* has *everything*
correctly configured, don't we :-)
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|