Ip spoofing – how secure can ip based login be? – information security stack exchange
A spoofed Ip cannot get an answer out of your server
A spoofed Ip cannot get an answer out of your server
This really is 100% true. The reaction to a TCP couldn’t be sent when the ip isn’t really the valid ip.
When behind a proxy or router, what is the related method in which enables me to recognize the consumer, i.e. some Forwarded-By (or what’s it known as) header?
I do not understand the objective of this. If you’re behind a router then your user’s ip is exactly what stated hardware has assigned it to. So any identity information is information and never the particular information other people would see outdoors of the network.
What can you recommend provided the necessity is so that you can configure this IP-based (or related)?
What is the necessity?
I am particularly interested in the 2nd item. Based on Wikipedia, it’s very hard although not impossible to trap the solution packet of the spoofed Ip. It does not specify certain requirements though.
This could require you be between your server and also the client. Otherwise all responses are really visiting the ip the server thinks it ought to visit, and also, since you do not really obtain that ip, you will not recieve that ip. When you are in the centre you recieve the packet ( really all packets that’s another matter altogether ) and can react to stated packet.
Otherwise eventually the server will enjoy any tcp connection ignore you.
Once each and every digital camera that’s attached to the internet includes a IPv6 address you Could possibly make use of an ip to ensure a “device” but stated never the “user” itself. This obviously is not likely to ever happen for a lot of reasons. IPv4 has existed for 25-3 decades, meaning, you may still find more IPv6 addresss, then devices produced in that point though :$
Resourse: https://security.stackexchange.com/questions/13255/