On Oct 24, 2014 4:34 PM, "Arcane 21" <arcane(a)live.com> wrote:
Spammers might be using something similar to the
IPfuck Firefox/Chrome
extension, which fakes an IP address instead of allowing the
real IP to be
recorded, not sure how we can defend against that sort of thing at present.
you're doing something wrong if you're vulnerable to this.
http://ipflood.paulds.fr/ says:
when sending a request to a server you will provide
several information
about your IP address : three of them come from the Application
Layer and
the last one comes from the Transport Layer. This last one I can't modify :
you wouldn't get the answer to your request if that was done. But the three
others can be overwritten without any consequence to your browsing...
(
https://addons.mozilla.org/en-US/firefox/addon/ipflood/ is the same thing)
See also
https://meta.wikimedia.org/wiki/XFF_project
-Jeremy