| Author |
Message |
hitwalker
Sells PC To Pay For Divorce
Joined:
Posts: 5661
|
 Posted:
Thu May 04, 2006 2:25 am |
|
Something,somehow,outsmarted sentinel cause i had the second signup now from a country that cannot even visit my site.
yesterday someone from turkey and now from thailand just registered.
And thailand is banned..just like turkey,as it clearly shows that the range the visitor was from is banned ,but registered !.
and with turkey yesterday the same story.
dnsstuff clearly showed turkey but sentinel couldnt even find the ip in its own system,it didnt exist.
And his thailand ip didnt show up in the tracked ip's !...and thats impossible..
Anyone have an idea? |
| |
|
|
|
nb1
Regular
Joined: Mar 03, 2005
Posts: 94
Location: OZ
|
| Posted:
Thu May 04, 2006 3:08 am |
|
Some proxies are configurable with a TIS Firewall Toolkit
[ Only registered users can see links on this board! Get registered or login! ]
Don't of this helps any but interesting as it may be on your recommendation from a previous post ,i blocked all of turkey as well will be watching this trade good luck |
_________________
Member Of The Windows Vista help and Support Community |
|
  
 |
|
hitwalker
|
| Posted:
Thu May 04, 2006 3:55 am |
|
well i dont know if thats the case here.
hard to imagine that i run into this twice !..in 2 days.... |
| |
|
|
|
|
nb1
|
| Posted:
Thu May 04, 2006 4:33 am |
|
Is it possible that the ip ranges for the country's have changed ? may be a Private IP Address Range? some windows 2000 servers can be set that way I would imagine as the size of the traffic increases in a region the ranges would change and updated |
| |
|
|
|
|
hitwalker
|
| Posted:
Thu May 04, 2006 4:53 am |
|
well ip is thailand....
thats also in the mail...
and its in the blocked ranges as well,so im a bit lost here...
and even checked my full stats.... i cannot even find his ip... |
| |
|
|
|
|
nb1
|
| Posted:
Thu May 04, 2006 5:51 am |
|
I can have an e-mail address any were in the world as long you know the proper information and as you well know emails can forwarded from one
address to another - so-that doesn't mean he is from thailand. does it ?. If we had a e mail from him might be easier to get a range by reading the e-mail header But on the other hand they can be spoofed as well MTP service extension (RFC 2554) that allows an SMTP client to negotiate a security level with a mail server. But if this precaution is not taken anyone with the know-how can connect to the server and use it to send spoofed messages by altering the header information My guess is that the range from that region has been changed hasn't been registered as a valid range which happens quite often in third world countries in other words technology is proceeding in such a rapid rate is hard to keep up with it |
| |
|
|
|
|
hitwalker
|
| Posted:
Thu May 04, 2006 5:55 am |
|
with mail i mean the mail i get from my system when he registered...
were not talking about spoofed mail headers..lol |
| |
|
|
|
|
nb1
|
| Posted:
Thu May 04, 2006 8:20 am |
|
I don't believe I said that we was I simply stated that it can be done And if you read my post you'll see where I stated if we had an e-mail we could possibly get a better idea of the origin did I not ?It is what I was talking about actually don't matter where what e-mail he used that does not mean it is where he is from
if I may ask what is the provider name for the e-mail server |
| |
|
|
|
|
hitwalker
|
| Posted:
Thu May 04, 2006 8:51 am |
|
well your not reading well or dont understand..
when you signup at a phpnuke site the system sends out a mail like :
blablawhatever has applied at Phpnuke Database from xx.xxx.xx.xxx
-----------------------------------------------------------
Do not reply to this message
so it sends out an ip with it.
understand...
but also i cant find him in my serverlogs as last visitor....
nobody used the your account to register... |
| |
|
|
|
|
nb1
|
| Posted:
Thu May 04, 2006 11:03 am |
|
not reading well or dont understand  ya i understand
There are ways of masking ip addresses assigning the Mac addresses ect.. a person can log in through let's say a college that has its own network and have a Private IP Address Range and may be possible that the php system is not picking up the actual address of the person I know when I worked in telecommunications and set up the supervisors and doctors home networks there was all setup with a private ip range for security reasons and was highly un touchable from a outside source
I have a little knowledge on ip addresses and ranges and understand some the functions on how phpnuke works
my have been some sort of pocket loss ? during the sending of the registration e-mail that is causing a glitch in the program
Do not reply to this message just had to |
| |
|
|
|
|
hitwalker
|
| Posted:
Thu May 04, 2006 12:21 pm |
|
no not 2 times in 2 days...
if this would all be true that would sentinel useless...so i dont believe that,and if an ip was spoofed somehow that doesnt explain why i couldnt find any visitor of my your_account for registration..........and thats the part your missing to. |
| |
|
|
|
|
nb1
|
| Posted:
Thu May 04, 2006 2:39 pm |
|
understand what you're saying things are not showing up in the log that's supposed to under normal circumstances and i agree very strange to say the least what i was trying to do was to come up with a relational explanation for the issue having a private ip range doesn't necessarily mean spoofing is done on some networks to monitor activity but I wish you the best of luck in your endeavor and believe me I do understand what you're saying I think there is something lost in the translation here I regard you in high standards and have used and passed out several of your scripts off of
[ Only registered users can see links on this board! Get registered or login! ] For the last few years |
| |
|
|
|
|
hitwalker
|
| Posted:
Thu May 04, 2006 2:44 pm |
|
ha..ha..thats nice,but im thinking of putting it into the main site..instead of the snippet directory..
but yes it bothers me a bit how they visit my site without leaving a trace ,fake ip okay....but you must leave some tracks.... |
| |
|
|
|
|
nb1
|
| Posted:
Thu May 04, 2006 5:03 pm |
|
your right and would bother me to is this a hosted server or your own have a lot more access to log files on your own ? yes you have to leave some tracks somewhere just a matter of Internet protocol
otherwise how would you be on the Internet 
do you get the time of the registration so you can compare |
| |
|
|
|
|
hitwalker
|
| Posted:
Thu May 04, 2006 5:05 pm |
|
yes i did,i checked all logs within a range of 1 hour..
not even a trace to the your-account.
its like he never was on my site....
i cant explain it... |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
