PDA

View Full Version : Detecting an IP Spoofed visit



SuzieQ
03-11-2006, 07:41 AM
:cool: Is there a way to detect if a visitor to your website is coming in thru a spoofed IP?

Said website only having a stat counter..can see the IP's and runs them on the ALLNETTOOLS to get info...

Ezekiel
03-11-2006, 09:27 AM
:cool: Is there a way to detect if a visitor to your website is coming in thru a spoofed IP?

Said website only having a stat counter..can see the IP's and runs them on the ALLNETTOOLS to get info...

No, if they are "spoofing" the ip, or using a proxy, then the only ip you will get will be the ip of the proxy. To find out if they are connecting through a proxy, you could port scan the ip for known ports that proxies use, and look at the results, which would show if it was a proxy.

SuzieQ
03-11-2006, 10:44 AM
Thanks...
Now, server side, is there a way to stop it?...
(Please excuse my ignorance on the topic and bear with me)
Is there a way to somehow have my server require that the connection be verified?..or deny access to proxy connections?..and if so, would that just effect the Spoofers, or could it be a problem for "real" visitors?...
:cool:

Ezekiel
03-11-2006, 10:54 AM
Thanks...
Now, server side, is there a way to stop it?...
(Please excuse my ignorance on the topic and bear with me)
Is there a way to somehow have my server require that the connection be verified?..or deny access to proxy connections?..and if so, would that just effect the Spoofers, or could it be a problem for "real" visitors?...
:cool:

I don't see a problem with people using proxies, but I suppose you could stop people connecting from known proxy ports, or scan all connections, but there isn't really anything you can do, it would depend on what server you are using, apache etc.

SuzieQ
03-11-2006, 01:41 PM
:cool: Thanks ....
Perhaps I should have explained exactly what it is Im trying to do...there may be an easier way then trying to take care of the spoofing...
I did just make another post re; banning a computer, not an IP...
I have a chatroom and there are some people that I dont want in there..nor do I want them on other areas of my website.
I have done the bit of banning their IP, but of course they still get in by spoofing...
now this chatroom has feature where the computer itself gets banned for certain time increments...if I knew how this was done, perhaps I could incorporate it in the rest of my website so these particular people I dont want there cant get in....