Solved

how to make private IP Server?

Posted on 2010-08-22
10
763 Views
Last Modified: 2013-11-16
Does any one know how to make private IP Server?

when ever some hacker attack site there use IP LIKE 192.xxx.xxx.xxx
Question 1 :
how they do this?


as far as i know these are private IP mean no one able to trace these sort of IP

question 2:
how to protect my site from such ip attack??
IF some one know how to trace such ip's do tell me i m going to buy a domain for my site so it will be help full for me...


looking for a detail reply
Thanks
0
Comment
Question by:IamnotanExpert007
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 33494507
From the outside world a hacker cant attack 192.xxx.xxx.xxx You are right in thinking that it is a private address range.
Firewall, Firewall and firewall! Thats how you protect your "Site"
Please define "Site" so that we can better answer your question.
0
 
LVL 5

Expert Comment

by:eNarc
ID: 33494744
http://www.wampserver.com/ is what I use and is private and u can even put it public if you so desire., its PHP apache, has mysql, and its all install able from 1 click of a button.

I use it, I would recommend this to anyone.

though anyway.

within httpd.conf

search for

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
      Deny from all
      Allow from 192.168.1.67
</Directory>


the above only allows access from 192.168.1.67 ip and deny all access from other ip.

and this is to trace ip

http://www.ip-adress.com/ip_tracer/
http://whatismyipaddress.com/ip/
http://www.ip-adress.com/faq/view_email_header/
0
 
LVL 3

Author Comment

by:IamnotanExpert007
ID: 33497450
@Neilsr

Yeah i know firewall can stop such kind of attack at certain level but some time there are some intelligent people who know how to break logical firewall

@ enarc

ok but if i m not wrong wamp server act like a data base which we use with PHP M I RIGHT?


i know how to trace IP EXCEPT 192.xxx.xxx.xxx series

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
      Deny from all
      Allow from 192.168.1.67
</Directory>
with this don't you think only  those people will be able to visit site who's IP address is 192.168.1.67




MY ACTUAL question is IS THERE  ANY WAY TO CREATE SUCH IP POOL which is like 192.1.1.1

IN ShORT HOW WILL YOU MAKE YOUR IP ADDRESS START FROM 192.xxx.xxx.xxx


is there any special tricks involve in making private IP SERVER ?????
i think i should ask in more easy way
how can you visit website with private IP ADDRESS?
i use to tackle such kind of IP address on regular bases



and the link you have given above
do you really think they are able to trace PRIVATE IP ADDRESS who start from 192.xxx.xxx.xxx

0
 
LVL 11

Assisted Solution

by:farjadarshad
farjadarshad earned 166 total points
ID: 33499507
I would recommend you to use hardware firewalls like Juniper and CISCO's PIX
0
 
LVL 5

Expert Comment

by:mindwise
ID: 33501016
Hi IamnotanExpert007.

'private addresses' are the" rfc 1918" addresses like the 192.168./16 address space.
The reason they are called "private", is because the rfc1918 addresses are not routed over the internet.
That means, it is not possible to connect to a 192.168. address over the internet (directly).

There are no tricks to make a server use a private address, it's more a question of the IP address it has.
Ofcourse, usually it's the (lan) network that defines which address are used, and that's private addressing 90% of the time.

"how can you visit website with private IP ADDRESS?"
- via a concept called "NAT", usually performed by the firewall that connects the server to the internet.
Outgoing packets will get the 192. source address changed to an intenet address, and vice versa.

"but .. there are some intelligent people who know how to break logical firewall"
- Yes, a few, but they are way too busy to meddle with just any server.
be more concered about bugs in the code of the server, like buffer overflows, and opening ports from the internet you don't need. (firewall).

If you want to catch that, then you'll need to start using IPS systems.

i hope this helps.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 3

Author Comment

by:IamnotanExpert007
ID: 33614235
Ok so how to use lan IP as my global Ip
0
 
LVL 5

Accepted Solution

by:
mindwise earned 167 total points
ID: 33616456
Well IANAE007:

"to answer "how to use my lan ip as my global ip"

I actually already answered that question with this:

""how can you visit website with private IP ADDRESS?"
- via a concept called "NAT", usually performed by the firewall that connects the server to the internet.
Outgoing packets will get the 192. source address changed to an intenet address, and vice versa."

Perhaps this example helps:
http://technet.microsoft.com/en-us/library/cc780783%28WS.10%29.aspx

Rgds,
0
 
LVL 5

Expert Comment

by:eNarc
ID: 33617223
>>Yeah i know firewall can stop such kind of attack at certain level but some time there are some intelligent people who know how to break logical firewall

ok, its like this, you can have no antivirus, you can have chrome browser, you can use a yahoo mail, and do your normal thing, and you will never get a virus or attack in your entire life... and thats for real.

though on the otherhand you go around giving out your external ip address, you go on sites and spam and do activities that get you noticed, then you use internet explorer browser and then you go on all those rotten melware sites and you download files and from your mail that you haven't got a clue who sent it to you and even still the email says its from a friend though why would they send a 30k zip? so you open it and boom, ur pc is deleting itself...

don't be so preoccupied with intelligent people, and be more preoccupied on your own mistakes. its like a great general said, I AM MORE AFRAID OF MY OWN MISTAKES THEN MY ENEMIES DESIGNS, you could be playing chess, and you could be winning, and then you make the biggest mistake of your life, and then game over, its never the other who is at fault, its always yourself that is at fault.


>>ok but if i m not wrong wamp server act like a data base which we use with PHP M I RIGHT?
wampserver is a selection of programs that allows you to setup a webserver that runs apache/mysql and php. the only database is mysql.


>>i know how to trace IP EXCEPT 192.xxx.xxx.xxx series
tracing a person on your network is just the same as tracing someone through the internet.
http://www.networkingfiles.com/neotrace/


<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
      Deny from all
      Allow from 192.168.1.67
</Directory>
>>with this don't you think only  those people will be able to visit site who's IP address is 192.168.1.67
yes that is true, only ip that is able to connect to the webserver would be that ip, no other ip's on your network or internet could view the webserver.



>>MY ACTUAL question is IS THERE  ANY WAY TO CREATE SUCH IP POOL which is like 192.1.1.1
the pool/range is created automaticly by the system/network.

>>IN ShORT HOW WILL YOU MAKE YOUR IP ADDRESS START FROM 192.xxx.xxx.xxx
connect to your LAN, you will be issued with a Local porting IP to allow you to exchange data back and forth between you and the internet.

if your talking about your external ip that everyone sees, then 192.xxx.xxx.xxx is a complete and utter N-O, 192.168 is assigned to and only to your Local Area Network. this is so other computers can connect to the network and have the External internet ported to that Local IP, without that Local IP on there System, the Router wouldn't know where to send the data. its that simple, its just for pointing data and acts like a real ip address though really its just for your own entertainment of local networks to identify each other which acts just like the internet though just in a mini way, if your wanting to change your external ip then thats something to do with your internet provider. and you just can't make your external ip start with a local range, and in all points, its completely useless. its only there to say ok, this data goes to that computer, this data goes to that computer and so on so lots of computers can use the same local ip address, making life so much easier.


>>is there any special tricks involve in making private IP SERVER ?????
there are no tricks involved, there is no magic behind a local ip, everyone in the entire world has the same ip range as u and i, 192.168.1.67 is the lan ip of my mac, if you want you can allow any ip you want be it external or internal.


>>i think i should ask in more easy way
>>how can you visit website with private IP ADDRESS?
connect to there network, its that simple. when on the network you can view network ip addresses, if you are external and trying to connect to someone with a lan ip, then all what will happen is you'll just be trying to connect to yourself, its like trying to look yourself in the eye, its impossible to connect to someone external with a internal ip.

>>i use to tackle such kind of IP address on regular bases
if you did then you would know about local ip addresses being the same on every computer in the entire world... your 192.168.1.67 is the exact IP of my Mac Computer.

a local ip is only to identify itself on the network, the ip it self doesn't really exist outside your network, its only used for internal porting/pointing, that is all, in essence to the outside, its pretty much useless, the only ip that matters to someone outside of your network is your external ip provided by your network. its just that plain and simple. 192.168 ip's will always point home. you don't even have to have an external ip to have a network. your local network will assign ip to every person who's connected to the network.



>>and the link you have given above
>>do you really think they are able to trace PRIVATE IP ADDRESS who start from 192.xxx.xxx.xxx

ok, firstly, tracing an local ip will only give you a node, thats it, they wont give you a location as the location will be home, right where u are, if your using wifi, then you know they are within 50 meters. thats the only real trace you will ever need on a local network trace with wifi, if its wired, then just hold the wire and follow it to that computer, hehe though seriously hehe, the ip will be assigned and then the name of the computer will be displayed on the router details of whos connected, you can then issue a disconnect of this user. and a possible banning them from connecting.

if at this stage and still unsure.

http://support.microsoft.com/kb/164015
http://en.wikipedia.org/wiki/IP_address
http://ezinearticles.com/?192-168-2-1-Wireless-Router-IP-Address---What-is-It?&id=1716646
http://answers.yahoo.com/question/index?qid=20060825083933AArprC4
http://www.dslreports.com/forum/r19898352-192xxxxxxx-IP-Address-Not-Good

all in all a local ip is just for pointing internet data to computers that are connected to the network who are wanting that data that the computer ask for, and its all routed through the router.

lets say a wants to connect to the lan, it would connect, then lets say a wants to connect to a website to view its contents, a would be connected to lan, then lan connects to website, it sends hello, and the website says hello back and then send it to the lan then the lan sends to to a, what if b is connected also, b connects to lan, then views website, then website sends hello back to lan and lan sends hello to b. all from the private ip, a and b have individual data from the date website. allowing them to do different things while still owning 1 external ip.

its been fun talking about this :D love it, enjoy and have a great day.
0
 
LVL 5

Assisted Solution

by:eNarc
eNarc earned 167 total points
ID: 33617446
>>Does any one know how to make private IP Server?
private ip is automaticly created when you setup a network box.
http://www.google.com/products?hl=en&q=Router&um=1&ie=UTF-8&ei=EDaGTOqxPI2l4AbBlMnOBQ&sa=X&oi=product_result_group&ct=title&resnum=3&ved=0CFQQrQQwAg

>when ever some hacker attack site there use IP LIKE 192.xxx.xxx.xxx
impossible as its a local ip, so they would ust be hacking themselfs.


>>Question 1 :
>>how they do this?
for them to hack someone elses local ip, they would have to connect to your external ip if they are external from the network, then they channel to the local ip, if they are not connected to your external or local network, then they will be unable to connect/hack, they needs to first connect to the router before any attacks can take place and in most cases there unable to channel past the router, as it would block such attacks, as most routers have built in firewalls.


>>as far as i know these are private IP mean no one able to trace these sort of IP
the ip will always point home, so its useless tracing a ip as it will just say local, if your wanting to trace local then explore your network, trace can easy be done with details of whos currently connected.

>>question 2:
>>how to protect my site from such ip attack??
like I've said before, use something like this within httpd.conf

search for

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order deny,allow
      Deny from all
      Allow from 192.168.1.67
</Directory>

though like I said before, for any attact they firstly need your ip, sending a person an email will give them your ip, if they are local they can just connect to the hub and view a detailed results of whos connected.


>>IF some one know how to trace such ip's
tracing an ip is no different that going to this website.
http://www.whatismyip.com/tools/ip-address-lookup.asp
http://whatismyipaddress.com/traceroute-tool
http://www.whatsmyip.org/traceroute/
http://www.tracemyip.org/


do tell me i m going to buy a domain for my site so it will be help full for me...
if your buying a domain, and then buying a server, then simply putting the below in a file '.htaccess' and putting ur ip in allow from ###. your external ip only.
...
order allow,deny
deny from 192.168.44.201
deny from 224.39.163.12
deny from 172.16.7.92
allow from all
...
more info on htaccess
http://blamcast.net/articles/block-bots-hotlinking-ban-ip-htaccess

if your server will be on your computert then, change the dns on your domain to your ip address.

if your wanting local.domain.com to point to 127.0.0.1 then everyone who connects to that domain will be connecting to themselfs. if you put your external ip then people will be connecting to your computer. and this will just invite attacks.

in all means, best allow a actual server company host your website and change the htaccess and dns to your desires.

>>looking for a detail reply
>>Thanks

anytime.
eNarc.
0
 
LVL 3

Author Comment

by:IamnotanExpert007
ID: 33624122
This is What I am looking for

Thanks For The Help
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now