| Author |
 Topic Search  Topic Options
|
RadioActiveLamb 
Groupie
Joined: 29 December 2005
Location: United States
Status: Offline
Points: 171
|
 Post Options
 Thanks(0)
 Quote  Reply
 Topic: Private IP address posted
Posted: 10 October 2010 at 5:15pm |
I had a spammer post this morning. Usually, the IP addresses for the spammers come from China, India, Russia or the Philippines. I always search-down the spammer's subnet using "Domain Dossier", and block the entire subnet. This morning, I had a new spam message that used this local IP address:
Local IP addresses aren't routable. How did this happen? This is not the local subnet of the web server.
|
 |
123Simples
Senior Member
Joined: 08 July 2007
Location: United Kingdom
Status: Offline
Points: 1192
|
Post Options
Thanks(0)
Quote Reply
Posted: 10 October 2010 at 7:13pm |
|
Check the IP logs on the forum log files and let us know what you pick up there. I'm assuming (more guessing) that they used some sort of software just to change or mask the IP. The best thing to do as always though with any new poster is to keep them on moderation until you decide that they are okay, and keep their access to certain topics only. They will soon tire of seeing the png file saying Post Approval
|
|
|
|
WebWiz-Bruce
Admin Group
Web Wiz Developer
Joined: 03 September 2001
Location: Bournemouth
Status: Offline
Points: 9844
|
Post Options
Thanks(0)
Quote Reply
Posted: 12 October 2010 at 11:36am |
|
In Classic ASP you can only get IP address information from the browsers header. You can very easily change the browser header which means that it can be easy to fake the IP address that is read by classic ASP.
|
|
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 12 October 2010 at 11:44am |
|
Some anti-virus/spam programs also have the ability to mask the ip address of requests.
|
Lead me not into temptation... I know the short cut, follow me.
|
|
RadioActiveLamb
Groupie
Joined: 29 December 2005
Location: United States
Status: Offline
Points: 171
|
Post Options
Thanks(0)
Quote Reply
Posted: 12 October 2010 at 3:07pm |
 WebWiz-Bruce wrote:
In Classic ASP you can only get IP address information from the browsers header. You can very easily change the browser header which means that it can be easy to fake the IP address that is read by classic ASP. |
Well, that's a shame. I had no idea. It'll be quite a bit more work to block them at the IIS level, matching logs and what-not.
Thanks for the info. It is good to know.
|
|
RadioActiveLamb
Groupie
Joined: 29 December 2005
Location: United States
Status: Offline
Points: 171
|
Post Options
Thanks(0)
Quote Reply
Posted: 12 October 2010 at 3:36pm |
|
My landing-page is an aspx page, which sends the user to the forum folder. Would it be possible to read the actual IP address there, compare it to the header, and redirect them somewhere else if it doesn't match?
|
|
123Simples
Senior Member
Joined: 08 July 2007
Location: United Kingdom
Status: Offline
Points: 1192
|
Post Options
Thanks(0)
Quote Reply
Posted: 12 October 2010 at 6:38pm |
RadioActiveLamb wrote:
My landing-page is an aspx page, which sends the user to the forum folder. Would it be possible to read the actual IP address there, compare it to the header, and redirect them somewhere else if it doesn't match? |
Providing you could read the IP address, you could create a global.asa file (some little trick I learnt), where if the IP matches the one you have in the global.asa file, you could send them anywhere to any website you choose, and they would not even know about it 
|
|
|
|
dpyers
Senior Member
Joined: 12 May 2003
Status: Offline
Points: 3937
|
Post Options
Thanks(0)
Quote Reply
Posted: 13 October 2010 at 4:38pm |
|
|
Lead me not into temptation... I know the short cut, follow me.
|
|
