Bogus Hostname and IP

Posted on 1998-06-20
Last Modified: 2010-04-22

 This is not a matter of death or life for me, but it has caught my interest. I have seen people who log in the normal way (using an ISP service), do some tricks on their Linux box, and manipulate their IP or even their hostname. Is this possible?
 On my web site I have locked index.html with chmod 600 permissions, and the .htaccess deny entry passes control to a Perl script which writes a log that I can look at later; this script then passes control to the welcome.html file.
 What I do is simple: I record their IP, browser, hostname, referring site, time, etc.
 I am very curious, but I have seen three guys so far who have accessed this page where I get output in which the hostname and their IP have the same value; for example, this is one entry: Hostname: and IP:
 I know that this should be some kind of trick, but the best part is that I am able to connect to their websites (running Apache), but when I try to look up these IPs and resolve them, there are no hostnames for those IPs. Are these bogus IPs?
 I have Linux (Slackware 2.0.30) on my computer; can I do the same thing? If yes, how ... and please be SPECIFIC in the instructions you are giving...

Question by: elvaaa
Expert Comment

ID: 1637373
What you found by lookup (that those IP's have no symbolic names) is the reason why the IP is recorded for hostname in your log.
Some ISPs do not provide hostnames for dynamic IP addresses.
In those cases you see the IP instead.
There's no "normal" way to change your IP, nor your hostname.

Author Comment

ID: 1637374

 Melev! You still did not give me an expert solution!

 I forgot something! The user with the IP I said( has been reported (by the Perl script) as using Netscape 3/Win95, but at the time I tested this IP, Apache came up. I do not know yet if there is a version of Apache out there able to work on Win95.

 1. How is that possible, and do I have the chance to do the same thing on my Linux box?

 2. I do not know what it is called (it seems logical to me), but is it possible for me to assign (and HOW) an IP to another computer connected to my Linux box (Ethernet, for example) so that this computer (not mine) has the ability to access the Internet? It happens and the answer is YES, but I want to know HOW, since this place (this web site) can provide me with the best Linux users and programmers.


Author Comment

ID: 1637375

 A friend of mine has discovered that the computer that visited my site originated from Bulgaria. It is a PPP dial-up link from a student connected to the DIALUP Server of American University in Bulgaria (http://www.aubg.bg/ - IP: and they have the version 1.3 of Apache. This is an ESTIMATED GUESS, however, but it is definitely a dial-up connection because this IP does not show any activity at all.
 I am just curious how this can be done from my Linux box - please see the Ethernet version sample I said in the comment above this one.

Expert Comment

ID: 1637376
It is true you can connect other computers to your Linux box and assign IP addresses to them, HOWEVER these addresses will only be valid within your local network (your home). There is something called "IP masquerading" that lets them access the global network (the Internet). It does so by "pretending" that all your local network is a single computer with a single IP (namely, your Linux box's one). So from outside, it still looks like the same IP.
The reason you can't just arbitrarily assume an IP is that the routers that carry traffic all over the Internet have to know how your IP can be reached.

About Netscape/Win95 vs. Apache - it may be that he was using a HTTP proxy - in that case, you'd see the IP of the proxy server.
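
An added example, not part of the original thread: a log classifier for the two explanations given in the expert comments above (no reverse DNS record, so the logger records the IP as the hostname; a proxy, so the logged address is the proxy's). The CGI variable names are standard; `classify` is a hypothetical helper, and the addresses, names and lookup tables are constructed sample data from documentation ranges.

```python
import ipaddress
import socket

# CGI variables a proxy typically adds; clients can forge them, so treat as hints.
PROXY_HINTS = ("HTTP_VIA", "HTTP_X_FORWARDED_FOR")

def system_ptr(ip):
    """Reverse (PTR) lookup through the system resolver."""
    return socket.gethostbyaddr(ip)[0]

def system_forward(name):
    """Forward lookup: every address the name resolves to."""
    return {info[4][0] for info in socket.getaddrinfo(name, None)}

def classify(env, ptr=system_ptr, forward=system_forward):
    """Describe one request from its CGI environment (a dict)."""
    ip = str(ipaddress.ip_address(env["REMOTE_ADDR"]))  # rejects malformed input
    try:
        name = ptr(ip)
    except (OSError, KeyError):  # socket.herror/gaierror are OSError subclasses
        name = None
    if name is None:
        rdns = "no-ptr"  # no reverse record: the log shows the IP as "hostname"
    else:
        try:
            confirmed = ip in forward(name)  # forward-confirmed reverse DNS
        except (OSError, KeyError):
            confirmed = False
        rdns = "confirmed" if confirmed else "unconfirmed"
    return {"ip": ip, "hostname": name or ip, "rdns": rdns,
            "proxy_hints": [k for k in PROXY_HINTS if env.get(k)]}

# Constructed sample data standing in for DNS and for three logged requests.
PTR = {"192.0.2.10": "proxy.example.net", "203.0.113.5": "www.example.org"}
FWD = {"proxy.example.net": {"192.0.2.10"}, "www.example.org": {"198.51.100.9"}}
SAMPLE = [
    {"REMOTE_ADDR": "198.51.100.77", "HTTP_USER_AGENT": "Mozilla/3.0 (Win95; I)"},
    {"REMOTE_ADDR": "192.0.2.10", "HTTP_VIA": "1.0 proxy.example.net"},
    {"REMOTE_ADDR": "203.0.113.5"},
]

def run_sample():
    """Classify the constructed requests using the offline lookup tables."""
    return [classify(e, PTR.__getitem__, FWD.__getitem__) for e in SAMPLE]

if __name__ == "__main__":
    for row in run_sample():
        print(row)
```

A name marked "unconfirmed" should be logged as unverified, since whoever controls the reverse zone for an address can publish any name there.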

Author Comment

ID: 1637377


 This IP masquerading is a great idea for a single ISP account, which I am probably going to set up one of these days. I have two modems (33.6 and 28.8 kbps) which I am going to link together to get better bandwidth (almost double). I asked my ISP and they are OK with me logging in twice to their network. But I still do not understand whether I am going to get two IPs or just a single one.
 You got it! I did not think about proxy servers (Netscape Win95/Apache). That is a wise catch; I never would have thought of that solution.
 I think that no one would have thought that there was a proxy cache involved there. Anyway, since I now have the idea of this kind of thing, can you tell me what is the best/cheaper Ethernet solution? I now have a Pentium (no MMX - Linux box) 90 MHz and a Pentium II 333 MHz (Windows 98/NT Workstation installed).
 I would like to make the Linux box the server and link the NT machine as a client of the Linux box. Can you tell me the Ethernet type I need?

 mlev! post an answer to get your points and believe you are the first that got so close. I wouldn't think about it that way. Please do not forget the ethernet type I need!

 Thank You!

Accepted Solution

mlev earned 30 total points
ID: 1637378
1. Heh, I wish my ISP was so benevolent, then the whole country could use a single account :)  I guess the simplest way is to try and see. I'd think you'll get separate IPs for each modem. To utilise that, you'll need serial line load balancing - read section 6.6 in NET-3-HOWTO.
2. Ethernet - anything that is supported, really (see Ethernet-HOWTO): 3com, WD, NE2000... The cheapest I could find when I needed one was a NE2000 compatible. It's not the best, but probably enough for a home network. (Btw, Ethernet is a sort of "anarchy" - there are no clients and servers at that level, they are defined at the application level.)

