Wow. It is easy for you to fake an IP and have the results sent back to you? You'll have to explain that before I believe you.

Lack of clarity on my part. I meant that faking a proxy is easy.

You pretend to be a legitimate caching proxy and fake the Via and X-Forwarded-For headers. Mix in a bot browsing the site with a few legitimate accounts and it becomes almost impossible to tell the difference between good and evil proxies (unless you start hammering the site with thousands of registrations.)

So you're either faced with blocking proxy IPs, which is bad for legitimate proxy users, or blocking the IPs delivered by the fake proxy headers which will have no effect.

If you are using IP for security, then the only risk from faking IPs is that someone can send you data with a forged IP in hopes of getting you to act on it.

Yup.

A denial of service attack is an especially annoying form of this if one of your possible acts is automated IP blocking. EvilPerson sends bad requests using the faked IP addresses of legitimate users. Legitimate users get banned.

In reply to Re^4 : Another way to get around automated bots (fake IP) by adrianh
in thread Another way to get around automated bots by AssFace

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.