Why is it not possible to fake an IP address?
Solution 1
It is fully possible to send data with a fake sender IP. You'll have a hard time getting replies though, since the replies will be sent to the fake IP and never reach you. Additionally, if you send data with a "from" IP that a router doesn't expect to arrive from you, the router will often simply drop it, and sometimes inform the ISP that you're up to something that violates your TOS.
EDIT: In response to edited post.
Any protocol (such as HTTP) that is built on top of a connection-oriented protocol (TCP) will require a valid IP. The cases where fake IPs have been prevalent mostly involve Denial Of Service attacks, using UDP, ICMP or the initial SYN packet in a TCP handshake.
Solution 2
You can use any IP address you want for sending, but replies will go to the IP address you used, so you cannot establish two-way communication this way.
Solution 3
(* Its an old question and the answers are okay, just one addition)
its called IP spoofing, firewalls are working hard to detect and block it and network-bridges might get confused by it (for a while)
http://en.wikipedia.org/wiki/IP_address_spoofing
Solution 4
If you try to send a packet by changing the source ip addres you can send it to someone else but if you want a packet to return to your pc you must use something like a NAT
If you are behind a router on your network you are in essence changing hiding your own identity
Example: you : 192.168.1.4 insiderouter: 192.168.1.1 external-ip: 8.8.8.8 destination-ip: 8.8.4.4
Sending a packet: from: 192.168.1.4 (you) to 8.8.4.4 (dest) router transelates to : from: 8.8.8.8 (external-ip) to 8.8.4.4 (dest) and keeps your ip in his memory
than the packet arives at his destination.
Now the destination sends a packet back from: 8.8.4.4 (dest) to 8.8.8.8 (external-ip) router transelates to (whith using its memory) from: 8.8.4.4 (dest) to 192.168.1.4 (you)
and now the packet returns to your pc
as you can see the destination doesnt know your ip but only knows the ip of the router
this is a way you can acclompisch a way to hide your ip
Related videos on Youtube
Comments
-
Fluffy over 4 years
I know it's possible to change an IP address using a proxy, but I'm interested in why is it not possible to change it by sending changed data from a single computer?
Update:
Thanks for quick replies, but it's not clear, what would happen, should a stateless protocol be used, like HTTP. I'm not familiar with lower-level network communication, but it seems that theoretically it should be possible to faken IP address if a PC connects to the server and receives the reply immediately.
-
Lightness Races in Orbit about 13 yearsYou can't "change" your IP address by using a proxy. You'll simply appear to the endpoint to have the IP address of the proxy. You're not "changing" anything, just hiding behind someone else.
-
BeemerGuy over 7 yearsA layman analogy: if you send an email with a fake FROM email address, the recipient will reply to that email address, so it's pointless in that sense because you won't get a reply. But, you can send such emails in huge amounts that will potentially cause the recipient's email server to crash -- theoretically speaking.
-
-
Erik about 13 yearsHTTP requires a TCP connection, you need to send data and get a response.
-
kmgdev almost 10 yearsCan a hacker send a request using a fake IP, then intercept the response from the server?
-
Simon Richter over 9 years@kgrote, if the hacker has access to the path the return packet takes, then yes.
-
Stephen Zeng about 9 yearsSo whitelist or blacklist IP address is not really safe because the faked IP side can send some potentially damaging data?
-
NeverEndingQueue almost 7 years@StephenZeng Good question, it might the case with the UDP traffic. However as far I am concerned the TCP traffic requires 2-way communication. Would be great if someone more experienced could confirm that.