Web Wiz Forums - Invalid IP addresses

Invalid IP addresses - spoofed??

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=29188
Printed Date: 01 April 2026 at 12:39pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: Invalid IP addresses - spoofed??

Posted By: redhawk
Subject: Invalid IP addresses - spoofed??
Date Posted: 18 March 2011 at 6:32pm

I've noticed from time to time that some posters have IP addresses such as 127.0.0.1, 192.168.1.100 etc which cannot be possible since they're both local.
I've also noticed a pattern of behaviour with spambots too, we could get several in a space of a few minutes and then nothing for the rest of the day.
Each spam post seems to originate from different machines but I strongly suspect they're all coming from the same person.

Anyway I found a Firefox plugin today, basically it lets you add items to the http header such as "X-Forwarded-For" which incidentally can spoof your location for certain web sites.
So I tested WebWiz using IP 18.3.20.11 (today's date) and sure enough "Active Users" shows me as being from that IP address.

I did a quick search here for "X-Forwarded-For" but found nothing so I assume this hasn’t been discussed yet.

Are WebWiz aware if this exploit??

Is this a forum software problem or web server issue that can be fixed or patched??

If my IP address was spoofed could this be used to evade an IP bad??

Richard S.

Replies:

Posted By: WebWiz-Bruce
Date Posted: 19 March 2011 at 7:07am

Having someone spoof your own IP is not a security issue in Web Wiz Forums as IP's are not used for authentication and only displayed for information purposes as they can sometimes be of help.

IP Addresses are easy to hide/spoof and there are countless ways of doing it, so you should never rely on IP address as set in stone and should be used for information purposes only as a guideline.

With Classic ASP that Web Wiz Forums is written in the IP can only be read in from the browser header, so you can easily change the IP using tools that modify your browsers header like what you are using.

Even if you could get the IP from the layer that TCP/IP works at it is still not reliable as there are lots of ways to hide or mask your IP including:-

You can use Proxy Servers to hide your IP which would then leave behind the Proxy IP.
If your ISP, Company, University, Coffee Shop, WI-FI Hotspot, etc. use a NAT then you can have 1,000's of people using a single IP on the Internet.
A hacker could connect to a compromised PC and use their Internet connection to go on the Internet.
You can Remote Desktop to another PC and use their Internet connection.
Change the browsers header to have different IP's.
You can even do something as simple as using a Neighbours unsecured Wi-Fi.

These are just a few of the ways you can hide, mask, or spoof an IP address there are countless more. Many of these ways mentioned would also leave behind incorrect IP's in your servers log files.

As you have found it's very simple to change your IP. Unfortunately there is not much that can be done about this as TCP/IP was not written with security in mind, which is why you get so much fraud and hacking online as it's simple to hide your IP and identity using many different ways.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting