Authenticate someone by ip, how safe is it?

Hi I have a script on a web server that is accepting xml from certain ip's that I approve. How easy is it for somone to spoof one of my approved ip's and send me unauthorized data? Is there some way that I can check that they are really sending from that ip?
jimkatAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
bloemkool1980Connect With a Mentor Commented:
if it is only sending and the spoofed IP does not need a response it is pretty easy to do it.
I would rather put authentication before you allow them to send. And no you cannot verify if it is spoofed or not unless it is not going over the internet you could check the mac address.
So unless he needs to click on something as a confirmation before sending it is not safe at all. I would rather suggest putting in authentication in combination with the IP address.
0
 
chicagoanCommented:
as bloemkool1980 indicated, one can easily spoof an IP address BUT it's a one way street, they can send you packets but never get an answer. TCP/IP requires a three-way handshake to establish a connection, you can't just send a steam of packets as with UDP.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.