IP Tunneling for server security

Status
Not open for further replies.
Neighboring IPs ping time is the same which means your server is in the same data centre... Unless of course you are simply directing traffic on that 1 port?
 
It wont be a difficult task to find real IP, if you allow 3rd party data fetching, like a PHP script to accept uploaded data or any script which interacts with 3rd party data from the real server.

As with the current setup one can only assume the country from the latency, there wont be any definite IP as an answer when using a Proxy / Tunnel
 
Yes, that's actually a limitation of this system, ALL uploads/upstream traffic must route through the "public" server, so will be limited by lowest common speed, and you will get billed bandwidth for both servers. It's really most adequate for downloads, or with trusted uploaders who can have access to the real IP
 
Hi Streambox. There may be a very ugly way of doing it but it requires your ISP hasn't got any sort of resrictions that prevent IP spoofing.

I recall once connecting 2 networks to a single server with 2 IP addresses

So 1 server had IP 123.123.123.123 (NetA) and at the same time had IP 234.234.234.234 (NetB). Each network connection required it's own gateway.

I had assumed that if you ping 1 IP, the 'pong' would come out FROM that network of which the ping was initially recieved but actually it goes out on the default gateway.

So outbound traffic would always go out of NetA even if the request went in through NetB. The outgoing packet did appear to come from NetB however.

So what you might be able to send out packets from a 'spoofed' address as long as you can correctly direct those request packets to the spoofing server from the public server.

It's kind of silly and ugly, but it might work.
Even if you have an ISP like that:
a) if the connecting ISP implements proper filtering (90% of the time) it wont work.
b) the isp will most likley disconnect you for IP spoofing
c) it would have to be a pretty shit ISP.

I would never recommend that to someone.
 
Status
Not open for further replies.
Back
Top