Having your IP address considered as private from a legal point of view, it is always interesting to increase your on-line privacy. Not only to hide your illegal activity indeed for most politicians and anti-fraud organizations, behind each surfers lives, but to just keep your personal information away from marketing companies. Think about the search engines which build your profile based on your searches.
That is why we search all over for tools to increase your on-line privacy. A new one is called IPFuck. From the website: “IPFuck is a Firefox add-on created to simulate the use of a proxy. With this add-on installed and enabled, and if a lot of us use it, there will no longer be any mean to know who is using a real IP, who isn’t and who was charged doing something he didn’t…“.


IPFuck is based on the X-Forwarded-For HTTP header. When the add-on is installed and activated, your Firefox will automatically add a new XFF header to all the HTTP requests sent (like it was located behind a proxy). The reported IP address can be:
  • Generated randomly (the most common usage)
  • Select from a list
The second option can be handy to simulate traffic from a specific geographic location or organization. If we extrapolate the usage of this extension, it could also be used to perform intrusion tests! (to abuse websites which grant access based on the browser IP address).
We have tested the add-on via a direct Internet connection and via a local Squid instance. It worked just fine! When Squid was proxying my requests, the XFF and VIA headers where correctly rewritten!
Always keep in mind that X-Forwarded-For is a de-facto standard and quite well supported by application developers or vendors. It was introduced by the developers of the Squid proxy but it not part or any RFC What does it mean … IPFuck will clearly not warranty your privacy. This is a proof-of-concept to show that IP addresses can easily be spoofed and no taken as an evidence.
Download IPFuck v 1.0.1 here

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.