Web Wiz Forums - Private IP/IP Obfuscator

Print Page | Close Window

Private IP/IP Obfuscator

Printed From: Web Wiz Forums
Category: Web Wiz Web App Support Forums
Forum Name: Web Wiz Forums
Forum Description: Support forum for Web Wiz Forums application.
URL: https://forums.webwiz.net/forum_posts.asp?TID=26943
Printed Date: 02 April 2026 at 11:45pm
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com

Topic: Private IP/IP Obfuscator

Posted By: remy
Subject: Private IP/IP Obfuscator
Date Posted: 05 February 2009 at 3:47pm

I am seeing a fair amount of IP addresses appearing on my site from 10.x 192.168.x networks. Now my understanding is that these are private addresses and shouldn't be routable over the net. How are they being reported as in use? My guess is that there's some public proxy involved somewhere but I'm still flumoxed as to how these packets are being routed?

I know this isn't a support issue per se but wondered if others had come accross this. I know I can simply block the top level address spaces to stop this occurring.

Replies:

Posted By: iSec
Date Posted: 05 February 2009 at 6:16pm

I have seen this appear on my forum; I have also seen the 127.0.0.1 address appear sometime. The good thing about WWF is that it now allows you to view logs... including errors that are a result of a failed SQL-Injection hacking. Here is an example of an Australia-based IP address from my forum logs:

2009-02-03 05:29:44 - 123.14.174.34 - Guest - ERROR - File: functions_filters.asp - Error Details: err_SQLServer_SqlInjectionTest() - -
2009-02-03 05:29:48 - 123.14.174.34 - Guest - ERROR - File: functions_filters.asp - Error Details: err_SQLServer_SqlInjectionTest() - -
2009-02-03 05:29:52 - 123.14.174.34 - Guest - ERROR - File: functions_filters.asp - Error Details: err_SQLServer_SqlInjectionTest() - -

My point is, if you suspect those 192.168... IP's doing something on the forum, you can see exactly what they are trying to do through these logs.

-------------
"When it gets dark enough, you can see the stars"
-Charles A. Beard

Posted By: WebWiz-Bruce
Date Posted: 06 February 2009 at 9:48am

The problem is that ASP reads the IP address from the header that is sent by the browser. This can be easily spoofed to hide a real IP address.

-------------
https://www.webwiz.net/web-wiz-forums/forum-hosting.htm" rel="nofollow - Web Wiz Forums Hosting
https://www.webwiz.net/web-hosting/windows-web-hosting.htm" rel="nofollow - ASP.NET Web Hosting