|Perl: the Markov chain saw|
Re^4 : Another way to get around automated bots (fake IP)by adrianh (Chancellor)
|on May 17, 2004 at 15:34 UTC||Need Help??|
Wow. It is easy for you to fake an IP and have the results sent back to you? You'll have to explain that before I believe you.
Lack of clarity on my part. I meant that faking a proxy is easy.
You pretend to be a legitimate caching proxy and fake the Via and X-Forwarded-For headers. Mix in a bot browsing the site with a few legitimate accounts and it becomes almost impossible to tell the difference between good and evil proxies (unless you start hammering the site with thousands of registrations.)
So you're either faced with blocking proxy IPs, which is bad for legitimate proxy users, or blocking the IPs delivered by the fake proxy headers which will have no effect.
If you are using IP for security, then the only risk from faking IPs is that someone can send you data with a forged IP in hopes of getting you to act on it.
A denial of service attack is an especially annoying form of this if one of your possible acts is automated IP blocking. EvilPerson sends bad requests using the faked IP addresses of legitimate users. Legitimate users get banned.