LemonInflux Posted June 29, 2008 Share Posted June 29, 2008 I've been doing a project in my localhost for quite a while. By default, one of its functions is to log the IPs of any visitors. Of course, this has been 127.0.0.1 every time, as I am the only visitor. However, when I checked this morning, I got this IP logged: 192.168.1.45 Using who.is, I traced it back to iana.org. Their website says it's perfectly normal to see traffic from their site, and it doesn't mean I'm under any threat. However, they managed to get into my localhost (using XAMPP btw). Does this mean anyone could? Or is this nothing to worry about? Thanks. Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/ Share on other sites More sharing options...
Daniel0 Posted June 29, 2008 Share Posted June 29, 2008 Yes, if they know your IP address the port 80 is open to WAN then they can access it. What you can do is configure you firewall (either software or hardware based) to deny connections from outside your computer to that port or you can set Apache to only listen to 127.0.0.1:80. Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577134 Share on other sites More sharing options...
LemonInflux Posted June 29, 2008 Author Share Posted June 29, 2008 Where/how would I do this? Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577140 Share on other sites More sharing options...
448191 Posted June 29, 2008 Share Posted June 29, 2008 AFAIK, the 192.168(.1) range is for network IP's. Probably a different computer in your network, or even your own using the network IP, connected to your test server. Only if your PC is connected directly to the internet (with only a modem, not a NAT/Router) to you have to start looking at Apache config. If your PC is so wide open that port 80 is open without you knowing about it, I would worry about other things than your test server. Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577141 Share on other sites More sharing options...
LemonInflux Posted June 29, 2008 Author Share Posted June 29, 2008 Ok, so you're saying it's nothing to worry about? Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577142 Share on other sites More sharing options...
448191 Posted June 29, 2008 Share Posted June 29, 2008 I don't think it is anything to worry about (again, AFAIK, 192.168.1.* is a local network IP), but, I don't know your local situation. Check out the things I mentioned. Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577143 Share on other sites More sharing options...
darkhappy Posted June 30, 2008 Share Posted June 30, 2008 what happens if you just ping 192.168.1.45 from your machine? Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577748 Share on other sites More sharing options...
neylitalo Posted June 30, 2008 Share Posted June 30, 2008 The following IP addresses are reserved for internal network use only, and will not work from networks external to your own: 10.0.0.0 - 10.255.255.255 192.168.0.0 - 192.168.255.255 172.16.0.0 - 172.31.255.255 169.254.0.0 - 169.254.255.255 (Note that if your computer has an IP in this range, there's probably something wrong. Computers self-assign addresses in this range when they can't contact a DHCP server or can't assign themselves a valid IP.) Since 192.168.1.45 is in one of these ranges (192.168.0.0 - 192.168.255.255), it must be internal. Unless you suspect you have an attacker in your local network, you are safe. Quote Link to comment https://forums.phpfreaks.com/topic/112418-am-i-under-threat/#findComment-577830 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.