[MUD-Dev] Grief players with ip/dns spoofers

Greg Underwood gunderwoodhsd at earthlink.net
Tue Nov 13 19:11:11 CET 2001

At 10:08 PM 7/12/01 -0700, Sean Kelly wrote:
> From: "Tand'a-ur" <tandaur at ix.netcom.com>

>> Hi, long time lurker here, and I've just about had it with a few
>> troublemakers that like to frequent my MUD.  Banning doesn't work
>> because they have ip spoofers and will just come back with
>> another made up ip. I was wondering if there is a way to detect a
>> phony ip and just flat out deny connections to them.

> Unless I'm misinformed, there is no way to maintain an interactive
> session with a spoofed IP.  What happens is that the response
> packets go to whatever that IP is and not back to the originator.

This is my understanding of it as well.  Any responses go back to
the faked IP address.  All you can accomplish with an IP spoof is to
issue potentially dangerous commands (IE: if you code has a problem
with out of sequence requests), impersonate someone (IE: issue
commands as if you were them) or flat out flood attacks.  The first
one is your code that needs fixing, the second and third are
trickier and usually involve getting the ISP and/or the lawyers


MUD-Dev mailing list
MUD-Dev at kanga.nu

More information about the mud-dev-archive mailing list