Why is it not possible to fake an IP address?

2020-02-08 05:16发布

I know it's possible to change an IP address using a proxy, but I'm interested in why is it not possible to change it by sending changed data from a single computer?

Update:

Thanks for quick replies, but it's not clear, what would happen, should a stateless protocol be used, like HTTP. I'm not familiar with lower-level network communication, but it seems that theoretically it should be possible to faken IP address if a PC connects to the server and receives the reply immediately.

标签: tcp ip
4条回答
【Aperson】
2楼-- · 2020-02-08 05:47

It is fully possible to send data with a fake sender IP. You'll have a hard time getting replies though, since the replies will be sent to the fake IP and never reach you. Additionally, if you send data with a "from" IP that a router doesn't expect to arrive from you, the router will often simply drop it, and sometimes inform the ISP that you're up to something that violates your TOS.

EDIT: In response to edited post.

Any protocol (such as HTTP) that is built on top of a connection-oriented protocol (TCP) will require a valid IP. The cases where fake IPs have been prevalent mostly involve Denial Of Service attacks, using UDP, ICMP or the initial SYN packet in a TCP handshake.

查看更多
欢心
3楼-- · 2020-02-08 05:56

(* Its an old question and the answers are okay, just one addition)
its called IP spoofing, firewalls are working hard to detect and block it and network-bridges might get confused by it (for a while)
http://en.wikipedia.org/wiki/IP_address_spoofing

查看更多
兄弟一词,经得起流年.
4楼-- · 2020-02-08 06:07

You can use any IP address you want for sending, but replies will go to the IP address you used, so you cannot establish two-way communication this way.

查看更多
Fickle 薄情
5楼-- · 2020-02-08 06:08

If you try to send a packet by changing the source ip addres you can send it to someone else but if you want a packet to return to your pc you must use something like a NAT

If you are behind a router on your network you are in essence changing hiding your own identity

Example: you : 192.168.1.4 insiderouter: 192.168.1.1 external-ip: 8.8.8.8 destination-ip: 8.8.4.4

Sending a packet: from: 192.168.1.4 (you) to 8.8.4.4 (dest) router transelates to : from: 8.8.8.8 (external-ip) to 8.8.4.4 (dest) and keeps your ip in his memory

than the packet arives at his destination.

Now the destination sends a packet back from: 8.8.4.4 (dest) to 8.8.8.8 (external-ip) router transelates to (whith using its memory) from: 8.8.4.4 (dest) to 192.168.1.4 (you)

and now the packet returns to your pc

as you can see the destination doesnt know your ip but only knows the ip of the router

this is a way you can acclompisch a way to hide your ip

查看更多
登录 后发表回答