That extension only fools misconfigured webservers, You dont blindly accept X-Forwarded-For, VIA, or Client-IP as the 'real' IP
On Fri, Oct 24, 2014 at 4:34 PM, Arcane 21 <[email protected]> wrote: > Spammers might be using something similar to the IPfuck Firefox/Chrome > extension, which fakes an IP address instead of allowing the real IP to be > recorded, not sure how we can defend against that sort of thing at present. > > > Date: Fri, 24 Oct 2014 16:25:42 -0400 > > From: [email protected] > > To: [email protected]; [email protected] > > Subject: Re: [MediaWiki-l] Off topic: Wiki spammer is using spoofed IP > addresses??? > > > > The IP address belongs to CANTV Servicios which I have seen a LOT of spam > > from recently > > > > On Fri, Oct 24, 2014 at 3:25 PM, Al <[email protected]> wrote: > > > > > I am surprised to see that a spammer is spoofing his IP address. I got > > > some spam from 200.90.74.226 - "226" is out of range for IPs and so > isn't > > > even a valid IP address. I confirmed that the number is not a wiki > > > username and the apache log shows the same IP. It appears maybe the > > > spammer's script has a bug and not range-checking the generated numbers > > > which made it obvious that the IP is spoofed; otherwise I would have > never > > > noticed. > > > > > > I thought IP spoofing was a fairly sophisticated tactic and didn't > expect > > > to see a common wiki spammer using it, or am I wrong? I'm also > surprised > > > apache even allowed the connection, much less the Amazon AWS > firewall. Am > > > I missing something? > > > > > > Al > > > _______________________________________________ > > > MediaWiki-l mailing list > > > To unsubscribe, go to: > > > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > > > > > _______________________________________________ > > MediaWiki-l mailing list > > To unsubscribe, go to: > > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > > _______________________________________________ > MediaWiki-l mailing list > To unsubscribe, go to: > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
