Re: tcp/routing question...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, 7 Jun 2005, bruce wrote:

question.. is there a way for me, as the person running a server, able to
determine the actual ip address of the client that i'm talking to. or is it
seriously easy for a client (man in the middle) to spoof the ip address. in
which case you can never be completely sure as to who you're talking to...

You will know reliably the ip address of the remote end of an established tcp connection to your server.

But your context is that this could be a MITM attacker, so you want to know who really is behind.

In practice, you can't determine that. A client that has been proxied to your server is completely transparent... you just know you're talking to the proxy. (Of course in the case of a web proxy, the proxy server often injects extra info into the HTTP headers so you might be able to tell, but that's beside the point.)

Think about even in the case of a NAT'ed client. You know only the public IP. You wouldn't ever see the IP addresses behind the NAT gateway.

--
http://zitseng.com/

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux