Posted by AdamT on 02/25/05 12:11

On Wed, 23 Feb 2005 19:17:05 -0000, SED <sed@sed.is> wrote:
> Is it possible for hackers to give a fake IP address when visiting a website
> running PHP?
>
It might be difficult for a script-kiddy to spoof his IP address, but
it isn't difficult for him to find an open proxy server, meaning that
all traffic from said Kiddy will appear in the logs with the IP of the
proxy. Or hey, perhaps one of the machines in your 'trusted' IP range
will have been compromised, and could be used as a proxy.

Also, don't rely on NAT'd RFC1918 addresses. Your web server won't
see them (eg - your company uses the network 192.168.25.0/24, so you
allow only that, but PHP only sees the external NAT'd address of the
user).

--
AdamT
"Justify my text? I'm sorry, but it has no excuse."

• Next in thread: REMOTE_ADDR
• Prev in thread: Re: [PHP] Re: Can $_SERVER['REMOTE_ADDR'] be trusted?
• Next in forum: List gone quiet?
• Prev in forum: Re: Web Browser Timeout on Upload Script
• Thread view: REMOTE_ADDR

[Reply to this message]