Detecting visitor IP is easy. But how about detecting DNS server ips of a visitor ?
I found this PHP function, however it finds only domain names' DNS.
dns_get_record("website.com", DNS_ANY);
Is it possible to detect visitor DNS server ?
Yes, you can, like detecting page resolution of visitors.
You need own DNS server and force user to resolve unique dns name. If user tried to resolve it then they will leaks to your DNS server own DNS server address. Next to DNS server have to share information who asked about the unique dns name to your web apps.
It's not easy, but it can be done. There's a demonstration of the approach suggested in a separate answer by Adam Dobrawy at http://ipleak.net/
To add a bit of detail, the way you can implement something like this is:
Part 1 - Set up your own DNS server on myspecialdomain.com
This DNS server needs to be custom written to log and store the incoming request and the source IP address. This storage only needs to be for a short period of time, so something like memcache might work nicely.
The DNS response should be an NXDOMAIN.
Part 2 - Your client-side code
In your Javscript make and store a large random number. Make the browser lookup .myspecialdomain.com. Load this via a JS img tag with an error handler.
In that error handler, now make a query to your server side code passing the random number.
Part 3 - Your web application (server side)
You need to implement some server side logic that takes the random string, looks it up in the datastore, and retrieves the IP address of the DNS server.
Note the IP address here will be the IP Unicast address of the particular server, it won't be an IP Anycast address like 8.8.8.8.
Here you can use GeoIP or Whois databases to determine the owner of that IP address (OpenDNS, Google etc). You can then generate a response to send to the client logic.
DNS resolution is not part of the request itself which means there is no way for the receiver of the request to know which DNS was used by the client (browser).
The DNS request happens first, as it is required to resolve the hostname to an IP address. Once this is complete, then a separate request is performed to the address in question.
The answer is NO. All the server got is a TCP connection to the visitor, that is, an [IP, Port] pair. DNS resolution depends on visitor's local configuration and can be done by a proxy.
Related
I'm trying to get the client IP as a way to save a particular user so the server knows who they are next time they visit, without having the need to login/signup for anything. This is a React front end with a NodeJS backend.
I tried my app locally and it seems to work fine. But I tried deploying it to Heroku and now I'm getting different IP addresses each time I reload. It keeps the same IP for the duration of the visit, but once I reload (refresh) the page, my IP changes..
[Method: 'POST'] [Path: '/api/posts'] [IP '::ffff:***.63.***.219']
[Method: 'POST'] [Path: '/api/posts'] [IP '::ffff:***.47.***.144']
(actual ip modified)
this is my console, as you can see the IP is completely different, and it looks nothing like my IP. I'm getting the IP from the request object (request.ip).
Why is the IP different each time on Heroku but stable on my local machine? is there another method for getting the client IP that I should be using? or is this a Heroku problem? I've looked for answers about this but I have come up empty which makes me think this is specific to Heroku.
According to the Heroku Documentation, all requests are going through a Proxy which acts mainly as a load balancer (If I have it correct in mind). You can use the custom HTTP-Headers to get the client ip address, but it is not recommended!
Additional:
For security reasons you should avoid to use the IP to identify a user, because that can cause session hijacking. Use technologies like cookies instead!
I have an app running on a server where I access using the servers ip. But now I need to have a subdomain configured in order to make an external API work but I have no clue of how achieve it.
Now I access to my server using IP -> XX.XXX.XXX.XXX:3000
And I need to change it for something like -> myapp.companyname.com
You don’t, because the Internet doesn’t work that way.
You create the subdomain by configuring the DNS server for the domain to point that subdomain at the IP address.
If you want to change the port number (from the default of 80 to 3000) without putting it in the URL itself, then you need to change the Node.js program or put a proxy server in front of it.
This is indeed a notorious problem with distributed web development. Presumably your API requires you to register your own hostname in some sort of allow-list, and then checks incoming requests for matches to that allow-list. (Why? Cybercreeps.)
You need to find out the IP address of your development machine (not 127.0.0.1, that's the loopback IP and every machine has it). It's OK if your development machine's address is on a private network, like '192.168.0.20for example. Give the commandifconfigand look for the address (it'sipconfig` on Windows).
You then need to put that IP address into a DNS server.
Here's a free way to do that.
Create a FreeDNS account by visiting https://freedns.afraid.org/
Click on Subdomains.
Click the Add link.
Create a subdomain hostname under one of FreeDNS's public domains. Maybe javier.ortega.mooo.com is a good choice
Put your machine's IP address into it.
Then, use https://javier.ortega.mooo.com:3000 to hit your development machine's nodejs app.
You can pay FreeDNS to register your own domain name and use that if you prefer.
The solution I needed was modifying the file hosts from -> system32/divers/etc/hosts and adding there the configuration relative to the ip - domain relation I was lookin for.
Wanted to know if it's possible to connect to an express server using that servers UP address. If it is how would you do it?(some code examples would be very appreciated)
Same as with any http server. This is not specific to Express at all. It's just browsers and TCP.
From a browser, you would just type:
http://192.168.1.100/somePath
Where you put in the IP address of the server and the desired path for the URL.
If you're connecting programmatically, you'd have to tell us what client environment you're using so we could offer a relevant exampale. All TCP connections are fundamentally connecting via the IP address (that's how TCP connections work).
Some APIs allow you to use the DNS name and then the first step under the covers of the API is to look up the IP address that corresponds to that DNS name and then connect to the IP address.
Wanted to know if it's possible to connect to an express server using that servers IP address.
Yes, that's actually the only way to connect to any server that uses TCP as the transport. All TCP connections are made from one IP address to another IP address.
Just use the IP address in place of where you would put localhost or the domain.
For example:
https://www.google.com/ -> https://216.58.217.164/
https://localhost/hello.html -> https://127.0.0.1/hello.html
https://localhost:8080/ -> https://127.0.0.1:8080/
I can add a code sample if you add your current code to the question or say what you are using to make the connection.
I need to get the user's IP address from the browser. I know we can get device information from the browser with plain JS without any http requests involved (OS and browser info via User-Agent), but to get the IP address you need to make an HTTP request, as your browser will attaches the IP address as a header of the request so you can get it server-side or in the response of that request in the UI.
I am lacking some basic understanding and I can't see why an HTTP request is required and at what point the IP address is added as a header, if the browser doesn't know how does the header get attached?
I believe OSI_model is the basic knowledge you are looking for.
https://en.wikipedia.org/wiki/OSI_model
HTTP request is just the top layer of the whole network system.
The IP protocol is handled on (Layer 4)Transport Layer and it will not arrived to Application Layer(Layer 7).
The statement -- "your browser will attaches the IP address as a header of the request" is Wrong.
Normally the http request doest not carry source IP information in headers. You can view the https://en.wikipedia.org/wiki/List_of_HTTP_header_fields for normal headers.
But you are right that the sever side should figure out the client's IP. How can it achieve that?
In fact HTTP is an Application Layer protocol. The topic of source IP belongs to Internet layer.
The Internet protocol suite(TCP/IP) will solve that.
Meanwhile it means it's impossible to get your ip directly in browser. Moreover, sometimes it's even impossible to get your public ip address within your System.
For example the WiFi AP normally use DHCP to assign you an private ip only. And use NAT to modify your packets when you send/receive a request.
I'm building an app where the user may occasionally make a search. I'd like to run the search through google, but I'm unsure in the event I have many users if i will hit google's search quota. Any individual user will not make more than one or two searches a day on the app. But cumulatively, it could potentially be much more.
Will doing client side retrival of a google query avoid this problem and not identify my server as the origin ip?
Yes, if you do a GET request from the client, the clients IP will be the source IP
Since you are doing a GET from the client's side, the TCP/IP connection is being opened by the client. So it would be the client's IP that the site would see as the requesting IP. However if you would like the site to see your IP instead, you can re-route the request via AJAX to your server, have your server do the GET and send the results asynchronously back to the client.