lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1087355622.20568.11.camel@24-117-37-85.cpe.cableone.net>
Date: 15 Jun 2004 22:13:44 -0500
From: GulfTech Security <security@...ftech.org>
To: BugTraq <bugtraq@...urityfocus.com>
Subject: Problem With IP Logging In Invision Power Board?


IPB like many other forum systems logs visitors IP's However I have
noticed in the past that people who are surfing through some proxies
have their internal (private) IP logged instead of their "real" IP
Address. Here are a few screenshots I took of my LAN IP being logged
instead of my internet IP.

http://images.gulftech.org/ipb_1.png
http://images.gulftech.org/ipb_2.png

As far as I can tell it is using the X_FORWARDED_FOR IP, which might be
a good thing as it could get the IP of a person using a non anonymous
proxy or the like to cause some mischief, but it should definitely check
for private IP's and if it finds one present go with the REMOTE_ADDR IP
instead, or something different because IP's of private networks are
pretty much useless to admins etc.

I have not taken time to look at the code responsible for this behavior,
but I did contact Invision a while back and was basically told to
purchase a license if I wanted technical support. hmmmmm, great response
:P BTW, the particular IPB version I have experienced this behavior on
is the latest 1.3 release.

Anyway, anyone else have this issue?


James B.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ