Bogus Hostname and IP

Posted on 1998-06-20
Last Modified: 2010-04-22

 This is not matter of death or life for me but it locked up my interest. I have seen people that login in a normal way(using ISP Service) and making some tricks in their Linux box and manipulate their IP or even their hostname. Is this possible?
 In my web site I have locked the index.html with the chmod 600 permission and later pass the control from the .htaccess for deny entry at a perl script which write a log where I can see it later and later this script pass the control to welcome.html file.
 What I do is simple: I record their IP, Browsers, Hostnames, Referring Site, time and etc.
 I am very curious but I have seen three guys so far that they have accessed this page and I get the output that the hostname and their IP have a same value for example this is one entry: Hostname: and IP:
 I know that this should be some kind of trick but the best part is that I am able to connect their websites(running Apache) but when I try to lookup these IP and try to resolve them there is not any hostnames for those IP's. Are these bogus IP's?
 I have Linux(Slackware 2.0.30) in my computer, can I do the same thing? If yes how ... and please be SPECIFIC in the instructions you are giving...

Question by:elvaaa
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3

Expert Comment

ID: 1637373
What you found by lookup (that those IP's have no symbolic names) is the reason why the IP is recorded for hostname in your log.
Some ISPs do not provide hostnames for dynamic IP addresses.
In those cases you see the IP instead.
There's no "normal" way to change your IP, nor your hostname.

Author Comment

ID: 1637374

 Melev! You still did not give me an expert solution!

 I forgot something! The user with the IP I said( has reported(the perl script) that he is using Netscape 3/Win95 but at the time I tested this IP using Apache came up. I do not know yet if is out there a version of Apache able to work in Win95.

 1. How is that possible and do I have the chance to do the same thing in my linux box?

 2. I do not know what is called(is seems logical to me) but is it possible that I can assign(and HOW) an IP to another computer connected to my linux box(ethernet for example) and this computer(no mine) has the ability to access the Internet. It happens and the answer is YES but I want to know HOW since this place(this web site) can provide me with the best Linux users and programmers.


Author Comment

ID: 1637375

 A friend of mine has discovered that computer that visited my site was originated from Bulgaria. It is a PPP dial up link from a student connected to the DIALUP Server of American University in Bulgaria ( - IP: and they have the version 1.3 of Apache. This is an ESTIMATED GUESS however but it is definitely a DialUp connection because this IP does not give an activity at all.
 I am just curious how this can be done from my Linux box - please see the Ethernet version sample I said in the comment above this one.

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.


Expert Comment

ID: 1637376
It is true you can connect other computers to your linux box and assign IP addresses to them, HOWEVER these addresses will only be valid within your local network (your home). There is something called "IP masquerading" that lets them access the global network (the Internet). It does so by "pretending" that all your local network is a single computer with a single IP (namely, your linux box's one). So from outside, it still looks as the same IP.
The reason you can't just arbitrarily assume an IP is that the routers who carry traffic all over the Internet have to know how your IP can be reached.

About Netscape/Win95 vs. Apache - it may be that he was using a HTTP proxy - in that case, you'd see the IP of the proxy server.

Author Comment

ID: 1637377


 This IP masquerading is a great idea for a single ISP account which I am going to do it probably these days. I have two modems(33.6 and 28.8 kbps) which I am going to link them together to get a better bandwidth(almost double). I asked my ISP and they are ok if I log twice in their network. But I still do not understand if I am going to get two IP's or just a single one?
 You got it! I did not think about proxy servers(Netscape Win95/Apache). That is a wise catch which I never would have thought that solution.
 I think that no one would have think that was a proxy cache involved there. Anyway since I have now the idea of this kind of thing can you tell me what is the best/cheaper for an ethernet solution? I have now a Pentium(No MMX - Linux box) 90Mhz and a Pentium II 333Mhz(Windows 98/NT Workstation installed).
 I would like to make the Linux as the server and link the NT as client for the Linux. Can you tell me a ethernet type I need?

 mlev! post an answer to get your points and believe you are the first that got so close. I wouldn't think about it that way. Please do not forget the ethernet type I need!

 Thank You!

Accepted Solution

mlev earned 30 total points
ID: 1637378
1. Heh, I wish my ISP was so benevolent, then the whole country could use a single account :)  I guess the simplest way is to try and see. I'd think you'll get separate IPs for each modem. To utilise that, you'll need serial line load balancing - read section 6.6 in NET-3-HOWTO.
2. Ethernet - anything that is supported, really (see Ethernet-HOWTO): 3com, WD, NE2000... The cheapest I could find when I needed one was a NE2000 compatible. It's not the best, but probably enough for a home network. (Btw, Ethernet is a sort of "anarchy" - there are no clients and servers at that level, they are defined at the application level.)

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
I NEED A "BARE" LINUX ... 9 92
Can't connect to FTP 18 111
Let's Encrypt - Auto Renew Failure via Cron Job 1 28
Shrink Linux Swap File Size CentOS 10 31
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question