Bogus Hostname and IP

Posted on 1998-06-20
Last Modified: 2010-04-22

 This is not matter of death or life for me but it locked up my interest. I have seen people that login in a normal way(using ISP Service) and making some tricks in their Linux box and manipulate their IP or even their hostname. Is this possible?
 In my web site I have locked the index.html with the chmod 600 permission and later pass the control from the .htaccess for deny entry at a perl script which write a log where I can see it later and later this script pass the control to welcome.html file.
 What I do is simple: I record their IP, Browsers, Hostnames, Referring Site, time and etc.
 I am very curious but I have seen three guys so far that they have accessed this page and I get the output that the hostname and their IP have a same value for example this is one entry: Hostname: and IP:
 I know that this should be some kind of trick but the best part is that I am able to connect their websites(running Apache) but when I try to lookup these IP and try to resolve them there is not any hostnames for those IP's. Are these bogus IP's?
 I have Linux(Slackware 2.0.30) in my computer, can I do the same thing? If yes how ... and please be SPECIFIC in the instructions you are giving...

Question by:elvaaa
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3

Expert Comment

ID: 1637373
What you found by lookup (that those IP's have no symbolic names) is the reason why the IP is recorded for hostname in your log.
Some ISPs do not provide hostnames for dynamic IP addresses.
In those cases you see the IP instead.
There's no "normal" way to change your IP, nor your hostname.

Author Comment

ID: 1637374

 Melev! You still did not give me an expert solution!

 I forgot something! The user with the IP I said( has reported(the perl script) that he is using Netscape 3/Win95 but at the time I tested this IP using Apache came up. I do not know yet if is out there a version of Apache able to work in Win95.

 1. How is that possible and do I have the chance to do the same thing in my linux box?

 2. I do not know what is called(is seems logical to me) but is it possible that I can assign(and HOW) an IP to another computer connected to my linux box(ethernet for example) and this computer(no mine) has the ability to access the Internet. It happens and the answer is YES but I want to know HOW since this place(this web site) can provide me with the best Linux users and programmers.


Author Comment

ID: 1637375

 A friend of mine has discovered that computer that visited my site was originated from Bulgaria. It is a PPP dial up link from a student connected to the DIALUP Server of American University in Bulgaria ( - IP: and they have the version 1.3 of Apache. This is an ESTIMATED GUESS however but it is definitely a DialUp connection because this IP does not give an activity at all.
 I am just curious how this can be done from my Linux box - please see the Ethernet version sample I said in the comment above this one.

Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users


Expert Comment

ID: 1637376
It is true you can connect other computers to your linux box and assign IP addresses to them, HOWEVER these addresses will only be valid within your local network (your home). There is something called "IP masquerading" that lets them access the global network (the Internet). It does so by "pretending" that all your local network is a single computer with a single IP (namely, your linux box's one). So from outside, it still looks as the same IP.
The reason you can't just arbitrarily assume an IP is that the routers who carry traffic all over the Internet have to know how your IP can be reached.

About Netscape/Win95 vs. Apache - it may be that he was using a HTTP proxy - in that case, you'd see the IP of the proxy server.

Author Comment

ID: 1637377


 This IP masquerading is a great idea for a single ISP account which I am going to do it probably these days. I have two modems(33.6 and 28.8 kbps) which I am going to link them together to get a better bandwidth(almost double). I asked my ISP and they are ok if I log twice in their network. But I still do not understand if I am going to get two IP's or just a single one?
 You got it! I did not think about proxy servers(Netscape Win95/Apache). That is a wise catch which I never would have thought that solution.
 I think that no one would have think that was a proxy cache involved there. Anyway since I have now the idea of this kind of thing can you tell me what is the best/cheaper for an ethernet solution? I have now a Pentium(No MMX - Linux box) 90Mhz and a Pentium II 333Mhz(Windows 98/NT Workstation installed).
 I would like to make the Linux as the server and link the NT as client for the Linux. Can you tell me a ethernet type I need?

 mlev! post an answer to get your points and believe you are the first that got so close. I wouldn't think about it that way. Please do not forget the ethernet type I need!

 Thank You!

Accepted Solution

mlev earned 30 total points
ID: 1637378
1. Heh, I wish my ISP was so benevolent, then the whole country could use a single account :)  I guess the simplest way is to try and see. I'd think you'll get separate IPs for each modem. To utilise that, you'll need serial line load balancing - read section 6.6 in NET-3-HOWTO.
2. Ethernet - anything that is supported, really (see Ethernet-HOWTO): 3com, WD, NE2000... The cheapest I could find when I needed one was a NE2000 compatible. It's not the best, but probably enough for a home network. (Btw, Ethernet is a sort of "anarchy" - there are no clients and servers at that level, they are defined at the application level.)

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension ( This reminded me of questions tha…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question