DragonPrime - LoGD Resource Community
Welcome Guest
  • Good morning, Guest.
    Please log in, or register.
  • October 18, 2018, 09:37:12 AM
Home Forums News Downloads Login Register Advanced Search
* * *
DragonPrime Menu
Resource Pages

Pages: [1]   Go Down
Author Topic: stealing ip address  (Read 2805 times)
0 Members and 1 Guest are viewing this topic.
« on: June 10, 2004, 04:08:40 PM »

Today I was performing a much needed members IP scannning, where I would check which characters had the same IP address and check if the two characters had encoutered in the game (illegaly) and I ran across two members that had MY IP address.

One of these names was even familiar, and I immediatedly remembered the episode.
I was checking the petitions and whe I clicked on the "return to Grotto" link the a ole email box window popped up with a message between this character and another admin. IT WAS NOT MY MAIL BOX.

I did delete the accounts but I still can't figure out how this happened, and I am sure it was not from a hole in my network (behind a very tough firewall).

Any ideas?
« Reply #1 on: June 10, 2004, 06:41:22 PM »

Some wild specs:

Stealing an IP is not possible. If your server is connected within a network with errors in its IP address configuration (i.e. 2 computers having the same LAN-IP for some time) something like this could happen.

Another thing I could imagine is, that you and them are connected by the same provider in the same country (with dynamic IP addresses) and that you got the same IP out of your ISP's IP range by random.

The only other possible explaination *is* in fact, that your server (DB) or your computer got hacked.

Th chance that anythiing of the above happend is very very low.

But on the other hand (LoGD-side)....

The mailbox is opened and checked by ID (session) and not by IP. (No regular non-admin function of LoGD I know uses IP addresses for anything.) The mailbox is not listed in allowed navs (it's always allowed), so maybe someone (or you without knowing it) found a way to enter another ID/name for opening a mailbox. Maybe in user editor by clicking on "Ye Olde Mail" within the iframe preview?? In this case (maybe even while they were online), the lastip entry of the edited/checked/whatever user changed to YOUR IP. So it was not the users who hacked something, but it was you who hacked them.

I need to test this tomorrow!
« Reply #2 on: June 10, 2004, 09:51:50 PM »

I just tested clicking on the mail in the iframe and it did not change the last Ip for that character...
Pages: [1]   Go Up
Jump to:  

DragonPrime Notices
Welcome to DragonPrime - The LoGD Resource Community!

Support Us
No funds raised yet this year
Your help is greatly appreciated!
Recent Topics
DragonPrime LoGD
Who's Online
27 Guests, 0 Users
Home Forums News Downloads Login Register Advanced Search