B4J Question Spoofing of IP address with FTP

JackKirk

JackKirk

Well-Known Member
Licensed User
Longtime User
Hi,

Some time ago I implemented an FTP server in an AWS Windows EC2 instance using:

https://www.b4x.com/android/forum/t...d-with-socket-and-asyncstreams.74320/#content

as a template.

I am now going thru my project bulletproofing everything and have added the ability to beef up the authentication by checking the IP address of the client using:
B4X: 
        Dim jo As JavaObject = socket
user.FTPIPaddr = jo.GetFieldJO("socket").RunMethodJO("getInetAddress", Null).RunMethod("getHostAddress", Null)
In the Initialize method of the FTPClient class.

This all works nicely.

Doing some additional googling on "spoofing" and it seems that a miscreant can (to quote Wikipedia):
The basic protocol for sending data over the Internet network and many other computer networks is the Internet Protocol (IP). The protocol specifies that each IP packet must have a header which contains (among other things) the IP address of the sender of the packet. The source IP address is normally the address that the packet was sent from, but the sender's address in the header can be altered, so that to the recipient it appears that the packet came from another source.

The protocol requires the receiving computer to send back a response to the source IP address, so that spoofing is mainly used when the sender can anticipate the network response or does not care about the response.

The source IP address provides only limited information about the sender. It may provide general information on the region, city and town when on the packet was sent. It does not provide information on the identity of the sender or the computer being used.
Click to expand...
I think this means they can change the IP address in the header but not the IP address the response is sent to.

If this is so which IP address am I getting with my above code - the one in the header or the one the response is sent to?

Thanks for any enlightenment...
 
Sort by date Sort by votes
OliverA

OliverA

Expert
Licensed User
Longtime User
JackKirk said:
I think this means they can change the IP address in the header but not the IP address the response is sent to.

If this is so which IP address am I getting with my above code - the one in the header or the one the response is sent to?

Thanks for any enlightenment...
Click to expand...
There is one source IP in the header. There is not a “spoofed” one and a normal source IP. Therefore, you will always get the spoofed IP. It’s meaningless to spoof the destination address, since that’s where the packet is going.
 
Upvote 0
JackKirk

JackKirk

Well-Known Member
Licensed User
Longtime User
OliverA,

Thanks for your response.

Does anyone know of anyway to detect if the IP address is spoofed?
 
Upvote 0
You must log in or register to reply here.

Similar Threads

Blueforcer
  • Question
B4J Question B4X FTP Server Invalid Path
Replies
7
Views
1K
Erel
Erel
PatrikCavina
  • Question
B4J Question [SOLVED]FTP Upload problem
Replies
2
Views
1K
PatrikCavina
PatrikCavina
PatrikCavina
  • Question
B4J Question TCP Socket over internet
Replies
2
Views
2K
PatrikCavina
PatrikCavina
jmon
  • Question
B4J Question ServerSocket.GetMyIP Returning wrong IP with Bridge?
Replies
1
Views
2K
jmon
jmon
L
  • Question
B4J Question no response from server
Replies
2
Views
975
KMatle
KMatle
Top