-5

I run a gaming website. Players download the client software, install it and run it on their desktops. The software isn't hosted on the main server but I have been told that once the software is running and connected to the server, the IP Address of the latter can be exposed. Is that possible ? If so, How ? And how to "Hide" or "Spoof" it ?

Thank You.

SysAdminBeginner
  • 25
  • 2
  • 1
    You'll want to explain what you're actually trying to achieve here; at present it's a non-question with no hope of a useful answer. – womble Aug 06 '11 at 09:16
  • 1
    This is kind of like requiring someone to deliver mail to your house but not wanting them to know where your mailbox is. You can't have it both ways. Just secure the server(s) against intrusion and keep it updated...that's part of what a sysadmin is supposed to do. – Bart Silverstrim Aug 06 '11 at 10:35

4 Answers4

6

Sure is it exposed. This is by design. Otherwise you could not connect two endpoints. That's the purpose of the Internet Protocol.

And as it is necessary you can't hide or spoof it. Why even should you?

mailq
  • 16,882
  • 2
  • 36
  • 66
  • Here a [reference](http://security.stackexchange.com/questions/1009/what-security-risks-does-ip-spoofing-bring) why IP spoofing can't work. IP spoofing in the sense of "hiding the source in an (established) connection" is an urban legend. – mailq Aug 06 '11 at 09:45
  • Also http://serverfault.com/questions/90725/are-ip-addresses-trivial-to-forge – Zoredache Aug 07 '11 at 01:51
2

If you've got a client machine that needs to take to some form of server or cluster of servers there's nothing you can do to hide that interface from someone with even the most basic of tools. You can however heavily protect that server with good firewalling.

Chopper3
  • 100,240
  • 9
  • 106
  • 238
0

If you are wanting to avoid hackers you need to set up a good firewall and follow other network security practices. To protect against DDoS attacks either find a large company that has very good DDoS protection on their network, which doesn't guarantee they will not null route your ip anyway, or go with a company that specializes in DDoS protection which costs a lot of money.

There are ways to hide your IP pretty effectively using things like tor hidden services but there are major downsides to doing that. Very poor performance and a limited userbase come to mind. You might end up with a link going around the world a couple times.

If you want further information please specify what you are wanting to protect against.

Jared Bartimus
  • 341
  • 1
  • 2
0

Who cares if the ip address is exposed? Why do so many people think that an exposed, discoverable ip address or domain name is some kind of security breach?

In addition, if clients couldn't ultimately discover and see your server's ip address then they wouldn't be able to connect to your server to play the game. In fact, the internet as we know it wouldn't work at all if clients couldn't discover the ip address of resources they were trying to connect to (web sites, email servers, etc., etc.).

joeqwerty
  • 108,377
  • 6
  • 80
  • 171