IP from private range?

Re: IP from private range?

lecichy wrote:[color=blue]
> Hello
>
> As in the topic. Is it possible to get client's IP (private, you know 10.*..
> 172.16.* 192.168.*...) not proxy or NAT address (using cookies maybe) ? I
> saw few pages that can do this but I'm not sure if they used PHP and/or
> something else so here's my wuestion: any ideas how ?[/color]

Not always. I know some HTTP proxies add an X-forwarded-for: header with
the true IP. The theory behind NAT though is that anything inside the
firewall should be invisible for security purposes.

Re: IP from private range?


Uzytkownik "Kevin Thorpe" <kevin@pricetra k.com> napisal w wiadomosci
news:3f9e46cf$0 $28264$afc38c87 @news.easynet.c o.uk...[color=blue]
> lecichy wrote:[color=green]
> > Hello
> >
> > As in the topic. Is it possible to get client's IP (private, you know[/color][/color]
10.*..[color=blue][color=green]
> > 172.16.* 192.168.*...) not proxy or NAT address (using cookies maybe) ?[/color][/color]
I[color=blue][color=green]
> > saw few pages that can do this but I'm not sure if they used PHP and/or
> > something else so here's my wuestion: any ideas how ?[/color]
>
> Not always. I know some HTTP proxies add an X-forwarded-for: header with
> the true IP. The theory behind NAT though is that anything inside the
> firewall should be invisible for security purposes.
>[/color]

Sure, I know theory of NAT, but in my specific case, some foreign sites can
check my private IP so we know that it's possible in my network. Knowing
that, what can be done with this forwarding ? On my site I can get my NAT's
IP and port. So this port identyfies my machine ? And if smoeting should be
forwarded then the destination address should look like
$REMOTE_ADDR:$R EMOTE_PORT using apache variables ?

Re: IP from private range?

"lecichy" <counter@vline. pl> wrote in message
news:bnlj37$p1d $1@nemesis.news .tpi.pl...[color=blue]
>
> Uzytkownik "Kevin Thorpe" <kevin@pricetra k.com> napisal w wiadomosci
> news:3f9e46cf$0 $28264$afc38c87 @news.easynet.c o.uk...[color=green]
> > lecichy wrote:[color=darkred]
> > > Hello
> > >
> > > As in the topic. Is it possible to get client's IP (private, you know[/color][/color]
> 10.*..[color=green][color=darkred]
> > > 172.16.* 192.168.*...) not proxy or NAT address (using cookies maybe)[/color][/color][/color]
?[color=blue]
> I[color=green][color=darkred]
> > > saw few pages that can do this but I'm not sure if they used PHP[/color][/color][/color]
and/or[color=blue][color=green][color=darkred]
> > > something else so here's my wuestion: any ideas how ?[/color]
> >
> > Not always. I know some HTTP proxies add an X-forwarded-for: header with
> > the true IP. The theory behind NAT though is that anything inside the
> > firewall should be invisible for security purposes.
> >[/color]
>
> Sure, I know theory of NAT, but in my specific case, some foreign sites[/color]
can[color=blue]
> check my private IP so we know that it's possible in my network. Knowing
> that, what can be done with this forwarding ? On my site I can get my[/color]
NAT's[color=blue]
> IP and port. So this port identyfies my machine ? And if smoeting should[/color]
be[color=blue]
> forwarded then the destination address should look like
> $REMOTE_ADDR:$R EMOTE_PORT using apache variables ?[/color]

Can you post the URLs to those foreign sites able to do this?

--
Dag.

Re: IP from private range?


U¿ytkownik "Dag Sunde" <dag.nope@orion .no.way> napisa³ w wiadomo¶ci
news:3f9e698e@n ews.wineasy.se. ..[color=blue]
> Can you post the URLs to those foreign sites able to do this?
>[/color]

Here's the only one i could get right now:
http://www.thedonkeynetwork.com/connection_test (I don't know what this site
is actually about but what is important is that it shows my private IP
instead of a proxy or NAT as every normal site)
This link and few other I found on my ISP's local newsgrups ( in a different
context ) I cannot give any others right now as I did not pay much attention
to that until now.

And there was one more, it was some kind of a banner or commercial flash
animation on one of the biggest web portals and when I moved mouse coursor
over it, I could see in status bar a link to some script ( can't remeber if
it was PHP or sth else) that conatained my private IP as a variable

Re: IP from private range?

lecichy wrote:
[color=blue][color=green]
>>Can you post the URLs to those foreign sites able to do this?[/color]
>
> Here's the only one i could get right now:
> http://www.thedonkeynetwork.com/connection_test[/color]

If you are behind a NAT firewall then something's configured wrongly. It
correctly shows the firewall address for me.

Re: IP from private range?

lecichy <counter@vline. pl> wrote:[color=blue][color=green]
>> Can you post the URLs to those foreign sites able to do this?
>>[/color]
>
> Here's the only one i could get right now:
> http://www.thedonkeynetwork.com/connection_test (I don't know what this site
> is actually about but what is important is that it shows my private IP
> instead of a proxy or NAT as every normal site)
> This link and few other I found on my ISP's local newsgrups ( in a different
> context ) I cannot give any others right now as I did not pay much attention
> to that until now.[/color]

This url probably uses the http-client-ip of x-forwarded-for headers (if
they are present). You can figure this out for your self by requesting a
php page and just do a phpinfo() on that page. You'll see all headers
sent by your browser and can find the header containing you private
address yourself

--

Daniel Tryba

Re: IP from private range?

"Kevin Thorpe" <kevin@pricetra k.com> wrote in message
news:3f9e9e18$0 $29985$afc38c87 @news.easynet.c o.uk...[color=blue]
> lecichy wrote:
>[color=green][color=darkred]
> >>Can you post the URLs to those foreign sites able to do this?[/color]
> >
> > Here's the only one i could get right now:
> > http://www.thedonkeynetwork.com/connection_test[/color]
>
> If you are behind a NAT firewall then something's configured wrongly. It
> correctly shows the firewall address for me.[/color]

So it does for me.

I suspect kevin is right... Something is open.
What kind of OS/software does your NATing and Firewalling?

Re: IP from private range?


U¿ytkownik "Dag Sunde" <dag.nope@orion .no.way> napisa³ w wiadomo¶ci
news:3f9f010b$1 @news.wineasy.s e...[color=blue]
> "Kevin Thorpe" <kevin@pricetra k.com> wrote in message
> news:3f9e9e18$0 $29985$afc38c87 @news.easynet.c o.uk...[color=green]
> > lecichy wrote:
> >[color=darkred]
> > >>Can you post the URLs to those foreign sites able to do this?
> > >
> > > Here's the only one i could get right now:
> > > http://www.thedonkeynetwork.com/connection_test[/color]
> >
> > If you are behind a NAT firewall then something's configured wrongly. It
> > correctly shows the firewall address for me.[/color]
>
> So it does for me.
>
> I suspect kevin is right... Something is open.
> What kind of OS/software does your NATing and Firewalling?
>
>[/color]
What I know about my NAT is that it is a machine running Debian
(squid/2.5.STABLE4)

But anyway. Its configuration is not exactly the point. Using this
phpinfo() taht Daniel Tryba suggested I found my private IP in X-forwarded
for and thats OK in some way. What if I want to use data in headers like IP,
OS etc. in further php processing scripts?. Extracting it from this
phpinfo() output page isn't very effective so is there any other way to get
only headers sent by browser ?

I go it!

Thanks all!

I found out that on this phpinfo() site appriopriate names of variables
corresponding to each header are given in one of the tables so echo this and
echo that and I got what I want.

Thanks again!

Re: IP from private range?

[color=blue]
> What I know about my NAT is that it is a machine running Debian
> (squid/2.5.STABLE4)[/color]

Then that must be a PROXY, not a true NAT.