IP Spoofing using Browser ?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

IP Spoofing using Browser ?

Post by anjanesh »

$_SERVER['REMOTE_ADDR'] returns the IP address from which the request is coming from. Is this being sent by the browser ? So if somone recompiles Mozilla from source he can have it send a wrong IP all the time. Is this possible ?

Thanks
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

or the user can just use a proxy server all the time. there is no way to be completly certain of a users ip address...i think.
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

Ok. But I would like to know is if the IP is coming from the browser's data being set across or from the ISP ? Because the browser info has to pass through the ISP and I thought maybe the ISP can send along the right IP it came from ? Do ISPs send that or is it purely from the users' part ?

Thanks
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

It's being determined by your own server (which can be fooled using any anonymous proxy).
Roja
Tutorials Group
Posts: 2692
Joined: Sun Jan 04, 2004 10:30 pm

Post by Roja »

anjanesh wrote:Ok. But I would like to know is if the IP is coming from the browser's data being set across or from the ISP ? Because the browser info has to pass through the ISP and I thought maybe the ISP can send along the right IP it came from ? Do ISPs send that or is it purely from the users' part ?

Thanks
All of the above.

If the user connects directly to your site, and uses IE, and makes no changes, it will be his/her IP.

However..

If the user uses Opera or Mozilla, its trivial with extensions to change that manually.

If the user connects to an anonymizer/proxy, it will be the address of the proxy. Or might be blank. Or might be spoofed.

If the user connects from AOL, it can report as the ip of the individual, the ip of the closest proxy, or even unrelated proxy IP's.

--

In short, there is *no* reliable way of detecting a user's ip, and the user's ip can often change during a single session.
Post Reply