are you sure about this...?? here's my question... client (a) --->>>> bank server (b) client (a) <<<--- bank server (b) if server b gets the data/information from 'a', server 'b should get ip address 1.2.3.4, which is the real ip address of client 'a'. is there away for a mitm server, to get in the middle, manipulate the data from 'a' to 'b', send the data to 'b' and spoof the ip address to look as though the data came from 'a'.. -bruce -----Original Message----- From: fedora-list-bounces@xxxxxxxxxx [mailto:fedora-list-bounces@xxxxxxxxxx]On Behalf Of Andy Green Sent: Tuesday, June 07, 2005 8:07 AM To: For users of Fedora Core releases Subject: Re: tcp/routing question... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 bruce wrote: | question.. is there a way for me, as the person running a server, able to | determine the actual ip address of the client that i'm talking to. or is it | seriously easy for a client (man in the middle) to spoof the ip address. in | which case you can never be completely sure as to who you're talking to... It's not generally possible to really spoof your IP address on a TCP/IP connection, where that means you appear to be coming from 123.123.123.123 when you are at 4.4.4.4, and you have no contact or control over 123.123.123.123. (Google "three way handshake" for the reason why). What is certainly possible (even easy) is to proxy through another machine... in the case above if you did control 123.123.123.123, the guy at 4.4.4.4 could proxy through it and appear in your logs as being at 123.123.123.123. - -Andy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFCpbf5jKeDCxMJCTIRAmzTAJwKh3Wn8ZHXxAoNZBw46g+PsvFp0QCdHru8 k/oJ6TQZvsbvpDgwu48F4ow= =8McU -----END PGP SIGNATURE----- -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
