jilibee. games.Makakuha ng libreng 700pho sa bawat deposito

Dwight66
(@dwight66)

11 years, 8 months ago

Everey now and the StatComm reports in the last hits a user with the ip-address 10.21.26.*. I don’t use this private networkrange in my local network. I would like to know where StatComm gets this IP-information from so I can take measures when neccesary.

With kind regards

dwight

https://www.ads-software.com/extend/plugins/statpress-community-formerly-statcomm/

Viewing 5 replies - 1 through 5 (of 5 total)

Plugin Author WPReady
(@wpready)

11 years, 8 months ago

Hi Dwight66,

If you have a regular wordpress installation, you’ll find some information querying the database:

select * from wp_statcomm where ip like ‘%10.21.26%’.

It is also possible to trigger some action when this IP is detected. More of this later.

Thread Starter Dwight66
(@dwight66)

11 years, 8 months ago

Hi WPReady,

Thank you for your reply. My WP installation came out of the Synology package center. I presume it is a more or less regular installation. I’ll look into the tables tonight (GMT+1)
I just don’t understand why these private addresses are showing up while I’m using a C-class private address on my internal home network.
Somehow somebody manages to show up with this weird address. This triggers me to investigate if this might be a bug or there is something else going on. I’ll let you know what I’ve found in the bare table.

Plugin Author WPReady
(@wpready)

11 years, 8 months ago

There is an article explaining how to expand Statcomm to trigger some actions under many circumstances.

Please see the following link
https://wpgetready.com/2012/05/expanding-statcomm-statcomm_info-action/

Best Regards

Thread Starter Dwight66
(@dwight66)

11 years, 8 months ago

Hi WPReady,

Thank you for the link to the information about the statcomm_info structure.
I checked the wp_statcomm table. As expected the records with an IP-field value of 10.21.26.* were there. That is why they appear in the statistics. I’m curious why these private addresses are appearing at all. As far as I know these kind of IP-addresses are non-routable and therefor hardly can come from outside my private network. I was looking for information that might explain how StatComm interprets the connection data of an external user/connection. I can’t explain where these weird private IP-addresses are comming from. They just show up in the StatComm statistics. In other words, is this an interpretation of StatComm or in the worst case: Am I hacked?

Plugin Author WPReady
(@wpready)

11 years, 8 months ago

Hi Dwight66,
I’ve been researching about the subject. I think the problem could come because a the ip detection is weakly implemented.
In this situation the IP could be forged to make us think the IP comes from somewhere.

I’m working to improve and fix this problem. If you are curious about it There is some examples on https://www.thespanner.co.uk/2007/12/02/faking-the-unexpected/

Best Regards

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Getting a private ip adresses reported from an 'external' user.’ is closed to new replies.