On Wed, Mar 14, 2012 at 13:30, shimi <[email protected]> wrote: > > On Wed, Mar 14, 2012 at 1:23 PM, ik <[email protected]> wrote: >> >> Hello, >> >> I'm trying to detect a layer 7 based HTTP request, and see if it >> contain headers that provided as spoofed IP address. >> Is there a way to detect what is the Ethernet that the request arrived >> from at apace level ? >> >> If so, how can I provide rules what to do according to an HTTP header >> fields ? >> > > You could look at the ARP cache by reading /proc/net/arp I guess. > > You ARE aware that Ethernet MACs, just like IPs, can be 'spoofed', right?
Yes, but it's not what I need to work upon. > > If your LAN is insecure, secure your LAN. Don't run web applications on > unsecure networks... My web app require to work also over the internet, and not only LAN (client request), that's why I'm looking for a way to secure it further. > > -- Shimi _______________________________________________ Linux-il mailing list [email protected] http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
