1
tedsmith
CBB - Internal IP Address range being transmitted - how?
  • 2006/10/31 18:46

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Hi

A user of one of my websites accesses the site from an internal network with a Class A internal IP address range (10.11.12.3 for example).

The IP address of her workstation is visible to me though, when I would have thought it would have been masked by the default gateway of her organisation and transmit only the outward facing external IP address?

Can anyone tell me how CBB determines the IP address of the workstation (i.e. which line(s) of code do that exercise) so that I can then try to work out why their internal IP address range is been communicated when they surf the web.

This is not an XOOPS issue as only I see it anyway (as webmaster) but what concerns me is that if my site can pick up her internal IP address, so can every other website on the Internet. If they access a site who's intentions are not pure they might use this knowledge for ill gotton gains.

Thanks

Ted

2
Mithrandir
Re: CBB - Internal IP Address range being transmitted - how?

/Frameworks/art/functions.user.php

function mod_getIP()
"When you can flatten entire cities at a whim, a tendency towards quiet reflection and seeing-things-from-the-other-fellow's-point-of-view is seldom necessary."

Cusix Software

3
Peekay
Re: CBB - Internal IP Address range being transmitted - how?
  • 2006/11/1 0:00

  • Peekay

  • XOOPS is my life!

  • Posts: 2335

  • Since: 2004/11/20


I would have thought a private IP address going web-side would either be down to a badly mis-configured router, or they are running their PC as a server?.
A thread is for life. Not just for Christmas.

4
tedsmith
Re: CBB - Internal IP Address range being transmitted - how?
  • 2006/11/3 19:20

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


I don't know that much about their setup. I can't give type up too many details about it either, but lets just say you really don't want your internal IP address been transmitted from it!

5
Bender
Re: CBB - Internal IP Address range being transmitted - how?
  • 2006/11/3 21:23

  • Bender

  • Home away from home

  • Posts: 1899

  • Since: 2003/3/10


The connection really goes through the internet? There is no tunneling between your networks right?

What kind of ip do you get displayed? (just give the first number that should create no problems )


Those ip ranges are defined for private networks

10.0.0.0–10.255.255.255;
172.16.0.0–172.31.255.255;
192.168.0.0–192.168.255.255;
169.254.0.0–169.254.255.255

according to rfc1918 and are not routed through the internet. It just does not happen. Even if you would assume one missconfigured router it would stop at the second jump.

The routed package does only carry the ip given to it by network adress translation (pat or nat) but not the original ip.

(at least thats what i learned some years ago)
Sorry, this signature is experiencing technical difficulties. We will return you to the sheduled signature as soon as possible ...

6
tedsmith
Re: CBB - Internal IP Address range being transmitted - how?
  • 2006/11/3 23:00

  • tedsmith

  • Home away from home

  • Posts: 1151

  • Since: 2004/6/2 1


Quote:

according to rfc1918 and are not routed through the internet. It just does not happen.


I know, this why I'm a bit bamboozadled. As per 1st post, it's an internal Class A IP range (10.xxx.xxx.xxx). That't the address of her workstation. Yet whenever she posts, I can see her IP address as webmaster.

And this is what I don't get. I should only see the IP address of the default gateway of her organisation or some other IP address that was set up specifically for external communication to Internet. She physically should not be able to communicate over the net using 10.xxx etc so something else must be getting used for the actual communications, but regadless of that, her internal address is still detectable, whether or not it's actually been used for the communications themselves.

Bizarre, don't you rekon?

7
dave_uk
Re: CBB - Internal IP Address range being transmitted - how?
  • 2006/11/4 0:08

  • dave_uk

  • Not too shy to talk

  • Posts: 113

  • Since: 2005/11/27


I have noticed this with CBB as well even though the standard internal addresses are supposed to be black holed by routers as some NAT routers can leak sometimes. The times is happens do seem to be intermittent though
Wii Plaza - Wii Fansite community

8
Bender
Re: CBB - Internal IP Address range being transmitted - how?
  • 2006/11/4 8:32

  • Bender

  • Home away from home

  • Posts: 1899

  • Since: 2003/3/10


Strange. Even if you got a lucky run and all routers on the way are missconfigured by chance to not block private adresses and keep routing it to the target ... no way to route the package back to original sender.
Sorry, this signature is experiencing technical difficulties. We will return you to the sheduled signature as soon as possible ...

Login

Who's Online

372 user(s) are online (301 user(s) are browsing Support Forums)


Members: 0


Guests: 372


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits