Having someone spoof your own IP is not a security issue in Web Wiz Forums as IP's are not used for authentication and only displayed for information purposes as they can sometimes be of help.
IP Addresses are easy to hide/spoof and there are countless ways of doing it, so you should never rely on IP address as set in stone and should be used for information purposes only as a guideline.
With Classic ASP that Web Wiz Forums is written in the IP can only be read in from the browser header, so you can easily change the IP using tools that modify your browsers header like what you are using.
Even if you could get the IP from the layer that TCP/IP works at it is still not reliable as there are lots of ways to hide or mask your IP including:-
- You can use Proxy Servers to hide your IP which would then leave behind the Proxy IP.
- If your ISP, Company, University, Coffee Shop, WI-FI Hotspot, etc. use a NAT then you can have 1,000's of people using a single IP on the Internet.
- A hacker could connect to a compromised PC and use their Internet connection to go on the Internet.
- You can Remote Desktop to another PC and use their Internet connection.
- Change the browsers header to have different IP's.
- You can even do something as simple as using a Neighbours unsecured Wi-Fi.
These are just a few of the ways you can hide, mask, or spoof an IP address there are countless more. Many of these ways mentioned would also leave behind incorrect IP's in your servers log files.
As you have found it's very simple to change your IP. Unfortunately there is not much that can be done about this as TCP/IP was not written with security in mind, which is why you get so much fraud and hacking online as it's simple to hide your IP and identity using many different ways.
Topic Options
Post Options
Thanks(0)
