| Author |
 Topic  |
|
|
wildfiction
Junior Member
167 Posts |
 Posted - 09 February 2007 : 10:39:20
|
| The IP address stored by Snitz for one user on one of my forums is the IP Loopback Address 127.0.0.1. Does anybody know how the user's IP address can get reported like that and how I can retrieve the real IP address? |
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 09 February 2007 : 16:27:14
|
How most horridly odd - that means the request came from *or appeared to come from* home. Are these entries definitely not services you're running/box admins/etc? It is possible to spoof an IP, but not usefully, as you get no return traffic (it all goes to the spoofed address)
To get their 'real' address, you could guide/trick/force them to follow a link on your site with a simple asp to stash the whole request (ie all the request variables) to a page/db/etc. Bear in mind, though, that peoples IP addresses change thanks to DHCP/NAT, so it may give you a clue to their subnet, but tricky to narrow it down much further. Roll on IP6... |
 |
|
|
wildfiction
Junior Member
167 Posts |
Posted - 10 February 2007 : 13:02:51
|
I have a theory about how this might be happening:
I assume that it is fairly easy to set-up a redirector/proxy server such as anonymizer.com. So the user sets up a hosted account with the same host that the forum is running on and so the proxy server is running on the same box and then he/she accesses the forum through the proxy server.
What do you think?
(If this continues to be a problem then I will do some extra logging on this IP address to determine what's happening.) |
|
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 10 February 2007 : 15:56:24
|
| But how would he/she do that on your server? You may well be correct, I don't know your setup, and it sounds viable if that's the kind of thing you allow on your site :-$ |
|
|
|
wildfiction
Junior Member
167 Posts |
Posted - 14 February 2007 : 13:47:07
|
| The server is a shared hosted server so there are many web sites that run on the same box. Mine is just one of them. The others could belong to anybody. |
|
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 14 February 2007 : 14:06:32
|
| so maybe a server admin joined from the local machine? |
|
|
|
wildfiction
Junior Member
167 Posts |
Posted - 20 February 2007 : 11:22:01
|
| No, just an anonymizer running on the same box. Unless there is a way to "spoof" an IP address when using Snitz? |
Edited by - wildfiction on 20 February 2007 11:23:05 |
|
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 20 February 2007 : 12:35:34
|
Well yes, it is possible to spoof an IP address, but you do get so little back it doesn't help.
Erm...who's running an anonymizer on your server? That's your answer right there who that login belongs to, if you know there is one! |
|
|
|
wildfiction
Junior Member
167 Posts |
Posted - 24 February 2007 : 10:21:22
|
| It's in a shared hosting environment so anybody can set up an account with the hosting company and by coincidence it ends up on the same physical box as my forum. |
|
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 24 February 2007 : 12:41:24
|
| Guess that'll explain it - but perhaps you can get the user details from the host if they're running an anonymising proxy, if it's urgent |
|
|
| |
Topic |
|
Topic Locked
