Posted by The Natural Philosopher on 01/21/08 22:36

Jonas Werres wrote:
>> Nothing at all to do with PHP.
>
> I think you did not understand what I wrote.
>
> The OP asked if one can spoof the IP address while requesting a document.
> Jerry says (correctly) that it would not be possible to get the answer.
> That might imply that is IS possible to make a request, but the answer
> goes nowhere. That would be enough if the purpose of the request was
> e.g. to delete a database by SQL injection. The answer is unimportant.
>
> What I said was that I think it is not even possible to make a request
> (regardless where the answer would go), because that would require a
> connection which cannot be established with a spoofed IP.


A request implies an open TCP connection, which implies that a session
has been set up.

You cannot *set up* a session without a valid return path.

That is, you would never get as far as being able to send a request to a
server, since that must be done over and establsihed session.

IP spoofing as far as I can think, can only be utilised if one has admin
level access to routing. Typically if uou are on the same NETWORK as the
address you are spoofing, or in control of a router between it and its
target.

i.e. if you sit at an ISP, and stuff in a piece of kit on someone elses
IP address, and do clever things with a core router, you MIGHT be able
to patch a route to that address into the ISPs routers.

I don't actually know if this has ever happened outside of e.g. a large
campus network where security was pretty lax. It would be an instant
firing if an ISP admin did that.

Or possibly someone sniffing a wifi network could grab some login
details to a site..not easy, but possible, and spoof via that.

Network layer code is pretty robust: its much easier to hack using
application layer exploits.

[Back to original message]