On Oct 24, 2014 4:34 PM, "Arcane 21" arcane@live.com wrote:
Spammers might be using something similar to the IPfuck Firefox/Chrome
extension, which fakes an IP address instead of allowing the real IP to be recorded, not sure how we can defend against that sort of thing at present.
you're doing something wrong if you're vulnerable to this.
http://ipflood.paulds.fr/ says:
when sending a request to a server you will provide several information
about your IP address : three of them come from the Application Layer and the last one comes from the Transport Layer. This last one I can't modify : you wouldn't get the answer to your request if that was done. But the three others can be overwritten without any consequence to your browsing...
( https://addons.mozilla.org/en-US/firefox/addon/ipflood/ is the same thing)
See also https://meta.wikimedia.org/wiki/XFF_project
-Jeremy