Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Raven's RavenNuke(tm) v2.02.02 Distro
Author Message
hall
New Member
New Member


Joined: Aug 08, 2006
Posts: 14

PostPosted: Sun Feb 25, 2007 8:25 am Reply with quote

Hi,

Here in the Netherlands many people are switching from phone and adsl (for internet) to phone and adsl combined. All their ip-adresses start with 77. When they come on a nuke sentinal protected site they get the message: You are using an Invalid IP to access this site!. But they also get this message on many dutch sites.
Now I am already using ravennuke 2.02.02 so that means I am using the newest ip2country data ??
What do I do. If I am right I need to Add a range in the nuke sentinal admin area , right ? When I was looking in the ip2country database date I saw that the ranges are added in a difficult way for example:
3559686144 3559694335
3559702656 3559702719
3559718912 3559727103
etc
Why not just 3500000000 to 3600000000 ? Isn't that much easier ?
So how do I add the 77 range. 7700000000 to 7800000000 or is that wrong ?
 
View user's profile Send private message
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Sun Feb 25, 2007 8:50 am Reply with quote

If you search the forums here, you should find instructions for turning off / disabling the IP check. It's a proactive check, and not based on an actual attack.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
ghost-ryder
New Member
New Member


Joined: Sep 03, 2006
Posts: 21

PostPosted: Sun Feb 25, 2007 9:11 am Reply with quote

I've turned mine off and still have a lot of people telling me they get Invalid IP message.I've even added a couple of guys to the protected range with no changes.
Last guy was from Canada and couldn't get in.
Since the new 2.10 will be released in a few days I stoped trying to fix it.
 
View user's profile Send private message
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Feb 25, 2007 8:44 pm Reply with quote

Did you indeed update the IP2Countries data from the latest package at Nuke Scripts?

You can easily add ranges using Sentinel. Of course, the actual storage is a different IP number, as it has to translate 77.xxx.xxx.xxx into real binary ranges.

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
wiz
Involved
Involved


Joined: Oct 09, 2006
Posts: 413
Location: UK

PostPosted: Sun Feb 25, 2007 9:03 pm Reply with quote

if you simply have 2.02 of RN76 then your sentinel will be way out of date. You need to goto nukescripts.net as Evaders99 said and get the latest Sentinel package.
 
View user's profile Send private message Visit poster's website AIM Address
ghost-ryder
PostPosted: Mon Feb 26, 2007 4:36 pm Reply with quote

Just went and got the update uploding it now hope that will fix it.
THX
 
wiz
PostPosted: Mon Feb 26, 2007 4:39 pm Reply with quote

no problem

Bear in mind 2.02 is nearly a year old, and in the 6 months ive been using it, ive (i think) had 4 sentinel updates. Remember tho Sentinel is an add-on that comes with RN, but is still a seperate product.
 
hall
PostPosted: Tue Feb 27, 2007 3:01 am Reply with quote

I will wait until the new sentinal come's out. I just don't get the use of the Ip to country just yet. Maybe someone can shine some more light on this. Are the ip's in the ip to country table ip that will be blocked or are it ip that are valid ? Or is it just to see what ip belonges to what country. Than ..still..why does sentinal say "invallid ip" because it isn't in the ip to country table...? Or am I totely misunderstanding it ? I also understand that sentinal works with an empty ip to country table.
 
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Tue Feb 27, 2007 6:56 am Reply with quote

You will need to run the upgrade script for Sentinel one version at a time, so I would start upgrading now, then when the new version is released you've only got one more upgrade to do.

The IP to country is exactly what it says, to relate the users IP to the country they are from. I believe there is also a check to see if the users IP is in the database, if it is not present then you will get the Invalid IP error, that is my understanding anyway.
 
View user's profile Send private message
wiz
PostPosted: Tue Feb 27, 2007 6:23 pm Reply with quote

if you are not running 2.5..... then you are vastly out of date my friend, dont wait for the next version, get the current.

Invalid Ip shoud be cured by turning the check off.as i myself highlighted as a fix months ago.
 
montego
Site Admin


Joined: Aug 29, 2004
Posts: 9453
Location: Arizona

PostPosted: Thu Mar 01, 2007 6:58 am Reply with quote

No issues with upgrading NukeSentinel. If I were you, I would ALWAYS keep current on NukeSentinel, as it is trying to stay current with exploits and bug fixes. The RN 2.10 upgrade script will recognize your version and only upgrade to a newer version if required.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Thu Mar 01, 2007 11:16 am Reply with quote

While I agree with all that's been said about keeping current, it still seems to me that it would be worthwhile if sometime Bob or Raven (and I know how busy they both are with more important issues, so I'll be patient) can take a look at the logic that leads to the invalid ip message and maybe post something that us weaker programmers can understand. I posted a query back in January that went like this:

I think maybe we have an "urban legend" going on in these Forums with respect to the invalid IP issue. After a user at my test site complained, I started looking at reimporting the IP2country data because that seems to be the solution recommended here. But I'm not sure.

I have tried tracing back thru Nukesentinel.php to determine the origin of this message. The immediate kick off for the message being generated (and I'm using the latest 2.5.05 code) is this:

Code:
// Invalid ip check

if(isset($bypassNukeSentinelInvalidIPCheck) AND $bypassNukeSentinelInvalidIPCheck) {;}
elseif($nsnst_const['remote_ip']=="none") {
  echo abget_template("abuse_invalid.tpl");
  die();
}



That's at line 118. So then we'd need to see how 'remote_ip' gets set to "none". It's tracing this that leads into a labyrinth of functions starting with get_ip. I have to confess that I can't follow all the logic in there. I know that at one point there is a get_remote_addr function that in turn calls a get_env function which should be returning the $_SERVER(remote_addr) which according to the documentation for PHP should be the IP of the client. So if that's missing I guess we could get an invalid IP. But looking at the logic in get_ip has me baffled and I'm just not sure what conditions would lead to this error.

Perhaps at some point we can get Bob or Gaylen to offer us an explanation, or perhaps someone else who knows about this can assist because it does seem to be a very common and vexing problem that's leading knowledgeable folks to just turn off the feature. Does this problem have any relation to IP2country and IP addresses that might be missing from there? Or is it somehow the client's failure to send a valid IP that's causing this? Or something else entirely?
 
View user's profile Send private message Visit poster's website
Gremmie
Former Moderator in Good Standing


Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA

PostPosted: Thu Mar 01, 2007 11:31 am Reply with quote

In my own case, my AOL users and a few guys browsing my site from their work locations were seeing the invalid IP abuse screen. That is the primary reason I set $bypassNukeSentinelInvalidIPCheck to true in my config.php. Since I haven't banned by country (yet), I didn't see any need at this time to have Sentinel validate IP addresses.

And the first go around of the quick fix patch (thanks Technocrat) for the Sentinel exploit was also denying my AOL users. I'm guessing AOL is just not providing a valid client IP address somehow?

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module 
View user's profile Send private message
fkelly
PostPosted: Thu Mar 01, 2007 11:52 am Reply with quote

Quote:
I'm guessing AOL is just not providing a valid client IP address somehow?



Yeah, that's what's bugging me Gremmie; I think there is more to this than is lying on the surface. If the code was just trying to match the client's IP address against a record in the IP2Country table I'd think it would just take the incoming record and do a lookup and if the number of rows was zero give a simple message. And if that's the case I'd wonder if we aren't just chasing our collective tails by trying to validate IP's this way. Because IP's are always going to be added and no matter how often you update the IP2country table you are always going to be behind the curve, so to speak, and anyway we all know that hackers can fake IP's easily so it is most likely to be some clueless and harmless user who gets the invalid IP message.

In other words, what's the "specification" for this feature, what is it trying to accomplish and do we really need it. I know that the check can be turned off but I'm not sure that's really a good solution. I'm just curious about whether the feature really adds security and whether it's really needed in the first place.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> Raven's RavenNuke(tm) v2.02.02 Distro

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©