Welcome to WebmasterWorld Guest from 54.221.9.209

Forum Moderators: coopster & jatar k & phranque

Message Too Old, No Replies

Cgi Remote addr

Can this be spoofed?

     
8:36 pm on Dec 22, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:Mar 29, 2007
posts:1147
votes: 0


ok, we all know the REMOTE_ADDR variable, the IP of the client computer.

Is there any way at all this can lie? Client end routers/firewalls excepted, is there any way an attacker can fake his reported IP?

2:41 am on Dec 23, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Oct 4, 2001
posts: 1261
votes: 12


Not without internal access at the ISP, or a major hub in between... Not easy. Considering how simple it is to just use a proxy the chances of seeing a spoofed IP are basically zero.
8:27 am on Dec 23, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member

joined:May 31, 2008
posts:661
votes: 0


yeah, unless you count a proxy as "faked", it's pretty safe to be real.
Allthough, I'm really not into this technical stuff, but I always thought that most cgi-scripts are kind of vulnerable in that way because of http's statelessness, i.e. you could spoof a request from a certain IP and have a script executed. You wouldn't get the output, of course, but the script would run and get the spoofed IP as the client.
As I said, I don't really know if that's true, I just got the impression from reading a little into the whole thing - anyone care to clear that up?