Is GeoIP the IP address of the ISP servers and not end user?
I had in my mailing list 5 people with the same geoIPs but their "regular" IPs were all different and even from different subnets.
I guess the geo IP is for a specific city or country, but the normal IP is for every house, device, or whatever.
I have a Rails app that is running on a Heroku server.
According to my knowledge, IP addresses are managed by Heroku itself, but when I scanned it with the Probely vulnerability scanner, it reported "Private IP addresses disclosed", even though I have not displayed my IPs in any view.
Well, after some analysis, I came to the point that a Remote_addr: 127.0.x.x kind of IP address is shown in the Rails error screen, and the scanner is pointing this out.
It also suggested that, to fix this issue, I give a generic name to the IP address so that it will be displayed there instead of its actual value.
But I don't know how to do this on my server or app. How can I give a name to my private IP address?
You can't control much on the Heroku apps.
Anyway, 127.x.x.x is localhost... regardless of what the X's are.
What is suggested is to use /etc/hosts to provide a name and not access the host directly through its IP, in case the IP changes (not available for Heroku, AFAIK).
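The kind of check the scanner performs, as an added example that is not part of the original posts and not Probely's code: it scans a response body for IPv4 literals in loopback, private or link-local ranges. The range list, the helper names and the sample error page are constructed for illustration.

```ruby
require "ipaddr"

# Ranges treated as internal for this example (an assumption, not Probely's list).
INTERNAL_RANGES = {
  "loopback"   => %w[127.0.0.0/8],
  "private"    => %w[10.0.0.0/8 172.16.0.0/12 192.168.0.0/16],
  "link-local" => %w[169.254.0.0/16]
}.map { |kind, cidrs| [kind, cidrs.map { |c| IPAddr.new(c) }] }.to_h.freeze

# Dotted quad that is not part of a longer dotted number such as "1.2.3.4.5".
IPV4_CANDIDATE = /(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\.?\d)/

# Constructed sample of a verbose error page that dumps the request env.
SAMPLE_ERROR_PAGE = <<~HTML
  <h2>Request env (constructed sample)</h2>
  <pre>REMOTE_ADDR: "127.0.0.1"
  SERVER_ADDR: "10.12.0.7"
  HTTP_X_FORWARDED_FOR: "203.0.113.50"
  build: 1.4.2.9</pre>
HTML

# Returns the range name ("loopback", "private", ...) or nil for public/invalid text.
def classify(text)
  ip = IPAddr.new(text)
  hit = INTERNAL_RANGES.find { |_kind, ranges| ranges.any? { |r| r.include?(ip) } }
  hit && hit.first
rescue IPAddr::Error
  nil # not a valid address, e.g. "999.1.1.1"
end

# Returns [[address, kind], ...] for each distinct internal IPv4 literal in body.
def internal_ips_in(body)
  body.scan(IPV4_CANDIDATE).uniq
      .map { |text| [text, classify(text)] }
      .select { |_text, kind| kind }
end

if __FILE__ == $PROGRAM_NAME
  internal_ips_in(SAMPLE_ERROR_PAGE).each { |ip, kind| puts "#{kind}: #{ip}" }
end
```

Run against the pages an app serves in production, a non-empty result means a verbose error or debug page is reachable. In Rails, whether the detailed error screen is rendered is controlled by config.consider_all_requests_local.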
In Ruby on Rails, how can I get the IP address of a client? I want that when a user visits a certain page, Rails gets their IP address and displays it on the screen.
In my controller I've tried:
request.remote_ip
but it is returning ::1, which to my knowledge is IPv6. I would like to get the IPv4 address of the client. How can I achieve this? I would only need to do this once per client since I'm only checking the IP address of the first device that they use to visit my page.
You can use either:
request.ip, which returns the IP, whether it is a local proxy IP address (localhost address) or not.
request.remote_ip, which is smarter and gets the IP address of the client outside of local proxies; this is the best option, as it is an interpretation of all the available IP address information and it will make a best guess.
(request.remote_ip) Determines originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these if REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma-delimited list in the case of multiple chained proxies; the last address which is not trusted is the originating IP.
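The rule quoted above ("the last address which is not trusted is the originating IP"), written out as an added example; this is not Rails' own implementation and not part of the original answer. The trusted-proxy list and the function names are assumptions for illustration.

```ruby
require "ipaddr"

# Proxies trusted in this example (an assumption): loopback and private ranges,
# i.e. addresses that only the deployment's own infrastructure can present.
TRUSTED_PROXIES = %w[127.0.0.0/8 ::1/128 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16]
                  .map { |cidr| IPAddr.new(cidr) }.freeze

def parse_ip(text)
  s = text.to_s.strip
  return nil if s.empty? || s.include?("/") # a hop must be one address, not a range
  IPAddr.new(s)
rescue IPAddr::Error
  nil
end

def trusted_proxy?(ip)
  TRUSTED_PROXIES.any? { |range| range.include?(ip) }
end

# remote_addr:   peer address of the TCP connection (REMOTE_ADDR)
# forwarded_for: raw X-Forwarded-For header value, or nil
def client_ip(remote_addr, forwarded_for)
  peer = parse_ip(remote_addr)
  # A direct, untrusted peer can put anything in the header, so ignore it.
  return remote_addr if peer.nil? || !trusted_proxy?(peer)

  hops = forwarded_for.to_s.split(",").map { |hop| parse_ip(hop) }
  # Each proxy appends the address it saw, so read the list from the right.
  hops.reverse_each do |hop|
    return remote_addr if hop.nil?            # malformed entry: stop trusting the chain
    return hop.to_s unless trusted_proxy?(hop)
  end
  remote_addr                                 # only trusted hops, or no header at all
end

if __FILE__ == $PROGRAM_NAME
  # Client-supplied "192.0.2.1" sits on the left; the proxy appended the real peer.
  puts client_ip("10.0.0.5", "192.0.2.1, 198.51.100.23")
end
```

Reading from the left instead would return whatever value the client typed into the header, which matters whenever the address feeds a rate limit, an allow-list or an audit log.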
Are you certain that ::1 is not sufficient? That is the local host; if you publish the site to anywhere requiring layer 3 transport it should render the appropriate IPv4 or IPv6 address respectively.
In short, if you disable your local IPv6 stack, 127.0.0.1 would render.
I'm confused about whether it is possible for two hostnames to share the same IP address. And why?
What about if one hostname represents more than one IP address, is that possible too? And why?
A detailed explanation is really appreciated :)
I know of Apache Virtual Host, which allows webservers with different hostnames (domain names) to be hosted on the same IP address.
The webserver sends the domain name we want while connecting, and the webserver returns the right set of pages.
Here's something more specific if you want to look into it further: https://httpd.apache.org/docs/2.4/vhosts/examples.html
Original Question
I want to implement a voting system on my page that is open to visitors and users i.e. non-authenticated users can vote.
Is there a rails/rack (or other) solution to identify visitors for this purpose?
Summary/Result:
If you want to implement a system where a visitor can take a certain action only once, i.e. a voting system, you have to divide your visitors into two groups:
Visitors that don't want to/don't have the tools to trick voting
Visitors that don't manipulate the result can be tracked using techniques such as: evercookie, web browser fingerprinting (Panopticlick) and IP blocking.
Gems:
https://github.com/daddyz/evercookie
https://github.com/Valve/fingerprintjs
JS:
https://github.com/carlo/jquery-browser-fingerprint
Paid-Services:
http://threatmetrix.com
Visitors that want and can trick voting
Visitors that want to manipulate the result will and can do this. Here's an example. You can set the barrier high for those visitors, but it's usually easier for them to bypass those than for you to implement them. The reasons for this are perfectly outlined by the answers to this question.
Client software identification
Web browser fingerprinting
Panopticlick only identifies browser configuration, not human beings. Just using a different browser (IE/FF/Opera/Chrome) on the same computer, using the same browser on a different user account on the same computer (different set of installed plug-ins, so different browser fingerprint) or using a different computer will "fool" Panopticlick.
This is not a weakness of Panopticlick, as Panopticlick does not try to identify human beings, only Web browsers.
"Private browsing mode" should make the browser fingerprint less unique.
Cookies
evercookie, just like any sort of cookie, is specific to a user account (or a computer): just using a different account or a different computer would give you a different identity. (Different users cannot access each other's cookies because of file permissions.)
"Private browsing mode", if implemented properly, will clear all cookies, including "super cookies".
IP address
Changing IP address
Some subscribers have:
a fixed IP address;
an IP address which changes rarely;
an IP address which changes if they unplug their modem for hours, days, or weeks;
an IP address which changes almost every time they reboot their modem;
an IP address which changes every 24 h, even if they do not want that (as the IP address change will break TCP connexions).
This is not made up. I know ISPs with all these different IP allocation policies. I have no statistics about the number of users in these different categories, however.
Some ISPs will make you pay just to have a fixed IP address. So I believe a changing IP address is pretty much the norm in practice for most Internet users.
Proxies
Using an anonymous proxy (including Tor) will give a different IP address, just as a VPN.
But all the proxy users (or all users of a Tor exit node) will probably have the same IP address.
Shared IP address
In almost all cases, family members will share an IP address.
Most small/medium businesses have only one outside address. This has been a problem in practice with per-IP anti-spam limit for webmails.
Almost all mobile IP users share the same IP address with a few or a lot of other users. This has been a problem in practice with per-IP anti-DOS limit! The server administrator had to list outgoing IP addresses and white-list them! Whenever the mobile ISP uses a new outgoing IP address, its clients are blocked again until the server administrator adds the new IP address.
You probably do not want to play this "game".
You can use a cookie, but that can be disabled and expired, or the IP address to identify the visitor. This can be tricked too, and there is a chance that from larger networks, people come with the same IP (e.g. from a corporate network).
Basically there is no foolproof solution. I think the IP address can be "good enough" if nothing important depends on it.
How does one determine location based on IP? I'm not asking for any product or service, but rather how to go about implementing it technically.
The IP-to-country mapping is rather static. What about more specific locations?
geobyte is a good service to locate an IP address. If you are thinking about an algorithm to find location based on IP, I think there is none. It is basically a database lookup and you will retrieve the location based on the IP address.
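The database lookup this answer describes, as an added example that is not part of the original posts: a table of address ranges, sorted by start and searched with binary search. The rows, place names and function name are constructed (the blocks are documentation ranges); it also shows why several different addresses return the same location, as in the first question on this page.

```ruby
require "ipaddr"

# Constructed sample rows [CIDR block, location]; a real database has many more.
GEO_ROWS = [
  ["192.0.2.0/24",    "Exampleville, XX"],
  ["198.51.100.0/24", "Sampleton, YY"],
  ["203.0.113.0/25",  "Testburg, ZZ"]
].freeze

# Index as [first_int, last_int, location], sorted by range start.
GEO_INDEX = GEO_ROWS.map { |cidr, location|
  range = IPAddr.new(cidr).to_range
  [range.begin.to_i, range.end.to_i, location]
}.sort_by(&:first).freeze

# Returns the location string for an IPv4 address, or nil when no row covers it.
def locate(ip_text)
  text = ip_text.to_s.strip
  return nil if text.empty?
  ip = IPAddr.new(text)
  return nil unless ip.ipv4?          # the sample table is IPv4 only
  n = ip.to_i
  # Index of the first row that starts after n; the candidate is the row before it.
  after = GEO_INDEX.bsearch_index { |first, _last, _loc| first > n } || GEO_INDEX.length
  return nil if after.zero?
  _first, last, location = GEO_INDEX[after - 1]
  n <= last ? location : nil          # n may fall in a gap between ranges
rescue IPAddr::Error
  nil                                 # not an IP address at all
end

if __FILE__ == $PROGRAM_NAME
  %w[192.0.2.10 192.0.2.200 203.0.113.200].each do |ip|
    puts "#{ip} -> #{locate(ip).inspect}"
  end
end
```

The result describes the block the address was allocated from, so it is only as precise as the rows in the table.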