Solved

Bogus Hostname and IP

Posted on 1998-06-20
6
370 Views
Last Modified: 2010-04-22

 This is not matter of death or life for me but it locked up my interest. I have seen people that login in a normal way(using ISP Service) and making some tricks in their Linux box and manipulate their IP or even their hostname. Is this possible?
 In my web site I have locked the index.html with the chmod 600 permission and later pass the control from the .htaccess for deny entry at a perl script which write a log where I can see it later and later this script pass the control to welcome.html file.
 What I do is simple: I record their IP, Browsers, Hostnames, Referring Site, time and etc.
 I am very curious but I have seen three guys so far that they have accessed this page and I get the output that the hostname and their IP have a same value for example this is one entry: Hostname: and IP:193.68.138.78
 I know that this should be some kind of trick but the best part is that I am able to connect their websites(running Apache) but when I try to lookup these IP and try to resolve them there is not any hostnames for those IP's. Are these bogus IP's?
 I have Linux(Slackware 2.0.30) in my computer, can I do the same thing? If yes how ... and please be SPECIFIC in the instructions you are giving...

 Thanks,
 
0
Comment
Question by:elvaaa
  • 3
  • 3
6 Comments
 
LVL 2

Expert Comment

by:mlev
ID: 1637373
What you found by lookup (that those IP's have no symbolic names) is the reason why the IP is recorded for hostname in your log.
Some ISPs do not provide hostnames for dynamic IP addresses.
In those cases you see the IP instead.
There's no "normal" way to change your IP, nor your hostname.
0
 

Author Comment

by:elvaaa
ID: 1637374

 Melev! You still did not give me an expert solution!

 I forgot something! The user with the IP I said(193.68.138.78) has reported(the perl script) that he is using Netscape 3/Win95 but at the time I tested this IP using http://193.68.138.78/ Apache came up. I do not know yet if is out there a version of Apache able to work in Win95.

 1. How is that possible and do I have the chance to do the same thing in my linux box?

 2. I do not know what is called(is seems logical to me) but is it possible that I can assign(and HOW) an IP to another computer connected to my linux box(ethernet for example) and this computer(no mine) has the ability to access the Internet. It happens and the answer is YES but I want to know HOW since this place(this web site) can provide me with the best Linux users and programmers.

 Thanks,  
 
0
 

Author Comment

by:elvaaa
ID: 1637375

 A friend of mine has discovered that computer that visited my site was originated from Bulgaria. It is a PPP dial up link from a student connected to the DIALUP Server of American University in Bulgaria (http://www.aubg.bg/ - IP: 193.68.137.57) and they have the version 1.3 of Apache. This is an ESTIMATED GUESS however but it is definitely a DialUp connection because this IP does not give an activity at all.
 I am just curious how this can be done from my Linux box - please see the Ethernet version sample I said in the comment above this one.

 Thanks
 
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 2

Expert Comment

by:mlev
ID: 1637376
It is true you can connect other computers to your linux box and assign IP addresses to them, HOWEVER these addresses will only be valid within your local network (your home). There is something called "IP masquerading" that lets them access the global network (the Internet). It does so by "pretending" that all your local network is a single computer with a single IP (namely, your linux box's one). So from outside, it still looks as the same IP.
The reason you can't just arbitrarily assume an IP is that the routers who carry traffic all over the Internet have to know how your IP can be reached.

About Netscape/Win95 vs. Apache - it may be that he was using a HTTP proxy - in that case, you'd see the IP of the proxy server.
0
 

Author Comment

by:elvaaa
ID: 1637377

 mlev,

 This IP masquerading is a great idea for a single ISP account which I am going to do it probably these days. I have two modems(33.6 and 28.8 kbps) which I am going to link them together to get a better bandwidth(almost double). I asked my ISP and they are ok if I log twice in their network. But I still do not understand if I am going to get two IP's or just a single one?
 You got it! I did not think about proxy servers(Netscape Win95/Apache). That is a wise catch which I never would have thought that solution.
 I think that no one would have think that was a proxy cache involved there. Anyway since I have now the idea of this kind of thing can you tell me what is the best/cheaper for an ethernet solution? I have now a Pentium(No MMX - Linux box) 90Mhz and a Pentium II 333Mhz(Windows 98/NT Workstation installed).
 I would like to make the Linux as the server and link the NT as client for the Linux. Can you tell me a ethernet type I need?

 mlev! post an answer to get your points and believe you are the first that got so close. I wouldn't think about it that way. Please do not forget the ethernet type I need!

 Thank You!
 
0
 
LVL 2

Accepted Solution

by:
mlev earned 30 total points
ID: 1637378
1. Heh, I wish my ISP was so benevolent, then the whole country could use a single account :)  I guess the simplest way is to try and see. I'd think you'll get separate IPs for each modem. To utilise that, you'll need serial line load balancing - read section 6.6 in NET-3-HOWTO.
2. Ethernet - anything that is supported, really (see Ethernet-HOWTO): 3com, WD, NE2000... The cheapest I could find when I needed one was a NE2000 compatible. It's not the best, but probably enough for a home network. (Btw, Ethernet is a sort of "anarchy" - there are no clients and servers at that level, they are defined at the application level.)
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation. From the Ubuntu vi…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now