发表新帖
发表新帖

Why is it not possible to fake an IP address?

前端 未结
关注
4 1433
清歌不尽
清歌不尽 2020-12-13 17:22

I know it\'s possible to change an IP address using a proxy, but I\'m interested in why is it not possible to change it by sending changed data from a single computer?

相关标签:
4条回答
  • [愿得一人]
    2020-12-13 17:52

    If you try to send a packet by changing the source ip addres you can send it to someone else but if you want a packet to return to your pc you must use something like a NAT

    If you are behind a router on your network you are in essence changing hiding your own identity

    Example: you : 192.168.1.4 insiderouter: 192.168.1.1 external-ip: 8.8.8.8 destination-ip: 8.8.4.4

    Sending a packet: from: 192.168.1.4 (you) to 8.8.4.4 (dest) router transelates to : from: 8.8.8.8 (external-ip) to 8.8.4.4 (dest) and keeps your ip in his memory

    than the packet arives at his destination.

    Now the destination sends a packet back from: 8.8.4.4 (dest) to 8.8.8.8 (external-ip) router transelates to (whith using its memory) from: 8.8.4.4 (dest) to 192.168.1.4 (you)

    and now the packet returns to your pc

    as you can see the destination doesnt know your ip but only knows the ip of the router

    this is a way you can acclompisch a way to hide your ip

    0 讨论(0)
  • 余生分开走
    2020-12-13 18:09

    It is fully possible to send data with a fake sender IP. You'll have a hard time getting replies though, since the replies will be sent to the fake IP and never reach you. Additionally, if you send data with a "from" IP that a router doesn't expect to arrive from you, the router will often simply drop it, and sometimes inform the ISP that you're up to something that violates your TOS.

    EDIT: In response to edited post.

    Any protocol (such as HTTP) that is built on top of a connection-oriented protocol (TCP) will require a valid IP. The cases where fake IPs have been prevalent mostly involve Denial Of Service attacks, using UDP, ICMP or the initial SYN packet in a TCP handshake.

    0 讨论(0)
  • 傲寒
    2020-12-13 18:12

    You can use any IP address you want for sending, but replies will go to the IP address you used, so you cannot establish two-way communication this way.

    0 讨论(0)
  • 醉酒成梦
    2020-12-13 18:17

    (* Its an old question and the answers are okay, just one addition)
    its called IP spoofing, firewalls are working hard to detect and block it and network-bridges might get confused by it (for a while)
    http://en.wikipedia.org/wiki/IP_address_spoofing

    0 讨论(0)
 看不清?
提交回复
热议问题