Bogus Hostname and IP

Posted on 1998-06-20
Last Modified: 2010-04-22

 This is not matter of death or life for me but it locked up my interest. I have seen people that login in a normal way(using ISP Service) and making some tricks in their Linux box and manipulate their IP or even their hostname. Is this possible?
 In my web site I have locked the index.html with the chmod 600 permission and later pass the control from the .htaccess for deny entry at a perl script which write a log where I can see it later and later this script pass the control to welcome.html file.
 What I do is simple: I record their IP, Browsers, Hostnames, Referring Site, time and etc.
 I am very curious but I have seen three guys so far that they have accessed this page and I get the output that the hostname and their IP have a same value for example this is one entry: Hostname: and IP:
 I know that this should be some kind of trick but the best part is that I am able to connect their websites(running Apache) but when I try to lookup these IP and try to resolve them there is not any hostnames for those IP's. Are these bogus IP's?
 I have Linux(Slackware 2.0.30) in my computer, can I do the same thing? If yes how ... and please be SPECIFIC in the instructions you are giving...

Question by:elvaaa
  • 3
  • 3

Expert Comment

ID: 1637373
What you found by lookup (that those IP's have no symbolic names) is the reason why the IP is recorded for hostname in your log.
Some ISPs do not provide hostnames for dynamic IP addresses.
In those cases you see the IP instead.
There's no "normal" way to change your IP, nor your hostname.

Author Comment

ID: 1637374

 Melev! You still did not give me an expert solution!

 I forgot something! The user with the IP I said( has reported(the perl script) that he is using Netscape 3/Win95 but at the time I tested this IP using Apache came up. I do not know yet if is out there a version of Apache able to work in Win95.

 1. How is that possible and do I have the chance to do the same thing in my linux box?

 2. I do not know what is called(is seems logical to me) but is it possible that I can assign(and HOW) an IP to another computer connected to my linux box(ethernet for example) and this computer(no mine) has the ability to access the Internet. It happens and the answer is YES but I want to know HOW since this place(this web site) can provide me with the best Linux users and programmers.


Author Comment

ID: 1637375

 A friend of mine has discovered that computer that visited my site was originated from Bulgaria. It is a PPP dial up link from a student connected to the DIALUP Server of American University in Bulgaria ( - IP: and they have the version 1.3 of Apache. This is an ESTIMATED GUESS however but it is definitely a DialUp connection because this IP does not give an activity at all.
 I am just curious how this can be done from my Linux box - please see the Ethernet version sample I said in the comment above this one.

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)


Expert Comment

ID: 1637376
It is true you can connect other computers to your linux box and assign IP addresses to them, HOWEVER these addresses will only be valid within your local network (your home). There is something called "IP masquerading" that lets them access the global network (the Internet). It does so by "pretending" that all your local network is a single computer with a single IP (namely, your linux box's one). So from outside, it still looks as the same IP.
The reason you can't just arbitrarily assume an IP is that the routers who carry traffic all over the Internet have to know how your IP can be reached.

About Netscape/Win95 vs. Apache - it may be that he was using a HTTP proxy - in that case, you'd see the IP of the proxy server.

Author Comment

ID: 1637377


 This IP masquerading is a great idea for a single ISP account which I am going to do it probably these days. I have two modems(33.6 and 28.8 kbps) which I am going to link them together to get a better bandwidth(almost double). I asked my ISP and they are ok if I log twice in their network. But I still do not understand if I am going to get two IP's or just a single one?
 You got it! I did not think about proxy servers(Netscape Win95/Apache). That is a wise catch which I never would have thought that solution.
 I think that no one would have think that was a proxy cache involved there. Anyway since I have now the idea of this kind of thing can you tell me what is the best/cheaper for an ethernet solution? I have now a Pentium(No MMX - Linux box) 90Mhz and a Pentium II 333Mhz(Windows 98/NT Workstation installed).
 I would like to make the Linux as the server and link the NT as client for the Linux. Can you tell me a ethernet type I need?

 mlev! post an answer to get your points and believe you are the first that got so close. I wouldn't think about it that way. Please do not forget the ethernet type I need!

 Thank You!

Accepted Solution

mlev earned 30 total points
ID: 1637378
1. Heh, I wish my ISP was so benevolent, then the whole country could use a single account :)  I guess the simplest way is to try and see. I'd think you'll get separate IPs for each modem. To utilise that, you'll need serial line load balancing - read section 6.6 in NET-3-HOWTO.
2. Ethernet - anything that is supported, really (see Ethernet-HOWTO): 3com, WD, NE2000... The cheapest I could find when I needed one was a NE2000 compatible. It's not the best, but probably enough for a home network. (Btw, Ethernet is a sort of "anarchy" - there are no clients and servers at that level, they are defined at the application level.)

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Steps to follow for Maintenance of Servers 4 54
Reset Root Password on CentOS 6 4 44
Setting up two Raspberry Pi gateways/routers 3 43
expectj telnet failing 5 26
The purpose of this article is to show how we can create Linux Mint virtual machine using Oracle Virtual Box. To install Linux Mint we have to download the ISO file from its website i.e. Once you open the link you will see …
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now