hey m8s
is there somehow some1 can log onto a forum and post and when they check is ip that it is mine ip that shows even tho it was some1 else that posted and not from my computer?
like maybe with a prog or something.
thanks on beforehand m8ts
Printable View
hey m8s
is there somehow some1 can log onto a forum and post and when they check is ip that it is mine ip that shows even tho it was some1 else that posted and not from my computer?
like maybe with a prog or something.
thanks on beforehand m8ts
Welcome to AO... It is possible, I am sure that a lot of people can explain it better than I could... but it is called ip spoofing... google it...
proxy ? woldnt they have to know your IP first to "spoof" and post with your IP....
so if they knew it they could post and it would show as my ip??
Sounds like a trick to me, but if the forums display ips, which some do... then they could wait for you to post and grab the recent ip. Though this would show as your ip it shouldnt enable them to post as you under your account on the forums. If someone is spoofing your IP, you should first renew your connections ip if possible and then inform the forums admins of what has occured. If your lucky they will investigate it as far as they are able to.
Spoofing a complete TCP connection sufficient to impersonate your IP address from a different address is far from trivial. If someone could do that then you probably have much bigger problems than them posting "from" your IP address.
Now, if your box is an open proxy or the "attacker" has some form of access to your box that allows him to use your IP address as if it was his own.... This is a much more likely and easier to accomplish way of appearing to be you.
Yeah was just about to say that TS, if someone has gone through all that trouble and managed to spoof you IP, chances are he will be buying a nice new farrari with someone elses CC number - not posting on a web forum!
Chances are that you and the person who is supposedly posting as you are both going through the same proxy, so the IP would show up at the forum the same. For example, at school you are on a lab system and your nemesis is on another one. Since you are likely going through the same firewall/proxy on the school's network, the proxy IP will show up as the originating IP number at the forum.
Clear?
Just my tuppence.
Wouldn't they also have to have his user name and password or access to a forum set "cookie" with his user name and password?
Depending on the environment (maybe as described), getting the userID and PW for the forum could be trivial. In my past life, dealing with students who gave up that information on a regular basis was a daily task.
Or, it is possible that nuthin left a system logged in and someone came behind him/her and posted. There are just so many possibilites. And, it is such a target rich environment!
;)
Are you talking about somewhere like Neworder?? where they display part of the address, which is usually the name of the DSL provider?? Cos its possible then that you and someone else are posting from the same ISP. Is it the entire IP that is displayed??
i2c
Do you mean that if say, instead of logging out from AntiOnline, I just closed my browser and left, someone could access my account or post in my name?Quote:
Or, it is possible that nuthin left a system logged in and someone came behind him/her and posted. There are just so many possibilites. And, it is such a target rich environment!
Yup, if you log on automitically and dont clear your cookies when you log off, someone could browse to AO on your machine and when they opened AO up, they would be logged in as you.
If someone really wants to, as your password apparently is also strored in a cookie as well they could de-cypher it and get you password. But they would have to be pretty sad IMO to want to do that!
Ok, I meant someone on another computer, not my computer. I didn't think that was possible, but then, who knows? There is a lot I don't know, and the only way I'm going to learn is asking questions. Thanks for you help.Quote:
Yup, if you log on automitically and dont clear your cookies when you log off, someone could browse to AO on your machine and when they opened AO up, they would be logged in as you.
its a a forum with some areas open without having to sign in.
so without getting my inlogg info and such and not being on my computer doing it isint there someway to post and seem as if that poster had my ips ??
there are progs that u can use to "hide" ur ip so couldnt there be a prog that u can put in a ip in and to whatever forum u went and posted that ip would show up that u put in the prog ?
nuthin: check out Tor, from EFF, it uses a trick called onion routing - the new installer makes it easier than ever before to set it up
Im in a good mode today so spare google just this once - http://tor.eff.org/download.html.en
i2c
thanks alot m8 :)
just to make it clear to me that dont really understand all this ip thing to do good this prog can by using this onion routing make some1 seems as they are posting from my ip even tho they arent ??
im gonna do a search on onion routing since i dont even know what that is hehe
check out this page, http://tor.eff.org/overview.html.en
basically your connection hops through a series of computers and then becuase the last computer on that series of computers is one to actually connect to the forum or website, thats the one that gets its IP posted.
EFF (Electronic Frontier Foundation) are all for privacy and thats why Tor was created, actually i tell a lie, it was created for the navy first, but its been adopted for this.
An IP is analogous to your house address, basically when you post a letter a post mark is stamped on it and your return address is on the back. Which the recipent can use to write back to you.
With Tor and proxies in general, its like using a series of PO boxes with a series of stickers placed over the top of you last previous address, that are removed at each mail box. (of course thats one way and the PO boxes would need to remember where to re-route reply mail to...)
hope that helps??
i2c
hmm yea a bit hehe but not quite what im looking for a think. more like a prog that for example i dns some1 on irc and i got their ip and so i put it into the "prog" and then i go post and it will show as the person i dnsed on irc, his ips will show.
is that possible to do? if u have a static or dynamic ip ??
sorry if im being annoying now hehe
IPs are not hard to glean. Heck, there were some scripts in signatures on AO that displayed your IP. YOUR IP, not the poster's. If you were accessing through a proxy, that was the IP displayed. Of course, it changed when your IP reservation changed, or you moved to another system.
What you want to do is fool or obfuscate the system logs of the forum you are accessing. This is unethical and the only reason I can think of that you might want to do that is to cause some havoc on the forum.
I strongly suggest that you spend some time learning about DNS, TCP/IP and networking and read the information on the links provided. You may also want to review your use agreement with the forum you are using to understand your role and responsibilities as a net citizen.
no nothing like havoc or such. its just that some1 has been posting on a forum and they say its my ip soo i was wondering if its possible to somehow do that?
I agree with rapier. As the thread's been going along, your intentions seem to be getting worse and worse... first of all I thought you were just having trouble because you belonged to a forum which someone in the same network as yourself might also belong to, and the admin may have been curious. But, now it looks like you're trying to spoof your IP address to trick a certain site into believing you are someone else. As I'm not sure, I'll give you the benefit of the doubt.
Are they saying it's your IP too? In that case, it's probably just someone else within the same network as you.Quote:
its just that some1 has been posting on a forum and they say its my ip soo i was wondering if its possible to somehow do that?
More knowledgable members than me have already posted telling you that it is no walk in the park, and the problems are pretty obvious - if I spoof my IP address to appear as yours (going outwards), then the replies sent by the server will be to that IP address and therefore I will not receive them. Wouldn't it be easier for them to 'gain' your IP address by having a backdoor in your computer?
Hmm, I give up.
Cheers,
-jk
well it might seem that way but its not that way.
its just that some1 has been posting on a forum and they have identified the ip as mine from me posting along time before this.
so i was just wondering if that was possible?
i dont care about learning how to do it.. just wondering if its possible to do it.
that might be tru. i just dont know. thats why i asked here
thx for all ur help tho
Yes it is quite possible, particularly if the people who run the forum have no idea.
It depends how your IP is allocated. Mine changes every time that I log in after a reasonable period logged off. That means that someone else gets allocated it.
It also depends how the site check. They may just look at the ISP block rather than a specific IP addy? Or at your original addy when you joined (that is very long odds though!..............going to the same site)
I cannot comment much further as you do not give sufficient details. If there has been an abuse situation, the site should send their logs to the ISP along with an abuse report. Your ISP should then be able to determine who was connected at that precise time?
Otherwise, if the site is accusing you, ask for a copy of their logs yourself. That should tell you if they do know what they are doing.
On the other hand, if your IP address is static, you would seem to have a security problem.
:)
ahh k that was what i was thinking myself but i wanted to ask those that knew better than me and have it confirmed.
i have static ip but sometimes it changes but that has just happend 2 times before during maintaince or just during work on the servers.
they were looking at my old posts from along time ago.
hehe well its a guild forum and the post wasent the most lets just say in the nicest tone possible :eek: .
i appreciate ur and every1 else help :)
time to scan computer.
If you use a password to access the forum, please change it, then log out and clear your cookies.
You might also ask your ISP to change your IP address.
:)