Long story short, I'm wanting to test my site's anti-bot systems ("bot" here referring to players of the game cheating with programs, not spiders etc.).
I've written my own bot using PHP's CLI. Most of the time, my site is able to detect the bot activity and block it.
However I need to test dealing with dynamic IPs, and since I have a static one this is no easy task as far as I can tell. There are other things I'd like to be able to test that involve multiple IPs.
So, bottom line, is it possible to hide/change the IP address seen by the server when my PHP script connects to it and, if so, how do I do it? (I've never really used proxies before so I don't know much about them).
you can write a test code which does substitute $_SERVER['REMOTE_ADDR'] at the very beginning of your script and do whatever tests you like.
No, IP is the one of the few things client can't camouflage.
You can definitely use Proxy severs. There are many open proxy servers that are available, but those are not reliable and slow. You can use the paid proxy solutions, something like this proxy.lc
Related
I want to write a program that can monitor all system HTTP/HTTPS protocols used to open the default browser, and block certain ones, automatically changing certain requested URL into another. The process of changing a URL is simple, but the monitoring and blocking part is quite puzzling.
e.g. When clicking on the URL 'https://example.com/asdf.htm', the request will be blocked by the program and the the Windows system will receive the command of 'http://www.example2.org/asdf.htm' instead and the latter instead of the former URL will be opened by the default browser.
I am an amateur developer and student who do not have much experience in solving such problems.
I searched the web and found someone asked a similar question years ago:
https://superuser.com/questions/554668/block-specific-http-request-from-windows
However, I didn't find any useful advice on coding in the page. Maybe I can use an antivirus program to block certain URLs or change the hosts file to block certain URLs but the URL replacement cannot be done. Certainly, changing the hosts to a certain server which redirects certain requests might work but that's too complex. I wish someone can help me solve the problem by giving a simple method on monitoring the Windows system itself. Thanks!
To summarize our conversation in the comments, in order to redirect or restrict traffic, either to sites, either to ports (protocols are actually "mapped" via ports) the main solutions usually are:
a software firewall - keep in mind that SWFW don't usually redirect, they just permit or allow traffic via ports
a hardware firewall (or advanced router, not the commercial ones, but enterprise grade) - they do what you want, but they are very expensive and not worth for a home experiment
a proxy server - this can do what you want
Other alternatives that might or might not work would include editing the hosts file, as you said, but as stated earlier I don't recommend it, it's a system file and if you forget about it, then it can be a hindrance (also keep in mind that normally you should not use a Windows user with admin rights even at home, but that is another story) and a browser extension (which Iwould guess only changes content on pages, not the way a browser works (such as changing URLs).
I think a proxy server is the best pick here. Try it and let me know.
Keep in mind I still recommend you read about networking in order to get a better idea of what you can and can't do in each setup.
My MVC-5 website gets a lot of false registrations, or real and followed by experiments in escalation of privileges. I can write a request filter - but how to block web requests from one particular country? Are there publicly available list of IPs that I can block ... or what? How do people approach solving this issue?
Depending on the country you might have a little difficulty in blocking everything but there are lists out there (such as the one maintained by nirsoft). Usually it's better to block specific IP addresses where the bad behavior is originating by using software that watches for the behavior and dynamically blocks it. That way you're covered regardless of where it originates. Especially since managing IP address blacklists is a real pain. I've made use of IPTables on linux before for this and it works like a charm.
I have 3 IP set on my server (Windows Server 2008).
One particular application needs to be working on the 3rd IP, unfortunately the 'bind' paramater of that special application is half working, the application is using my main IP instead to communicate.
The application use "GetHostByName" and/or "GetAddrInfo" to get my main ip. I can know that because I reverse engineered it.
I would like to "spoof"(I think) another main IP for this application. I would like to keep my IP settings as is because everything else is working and I feel I shouldn't touch it.
So basically I would like "GetHostByName" and "GetAddrInfo" to return another IP of my choice, only to THIS particular application.
I am aware that this probably can't be done exactly as described. Maybe it can, but if not I would like to know what do you guys think the best solution would be to achieve my goal.
Thank you,
Yanick
Well I continued my research, changed my words, finally found this:
https://r1ch.net/projects/forcebindip
Note: the only thing not working was accessing stuff with 127.0.0.1 (MySQL for example), I had to use my main IP, not sure if my problem, my specific application's problem or a common problem.
In my company, I have have to test if a server is responding correctly.
The main test is to ask people (form the company) to connect simultaneously to the server at the same time.
I want to automate this procedure and doing it with one computer. My idea is to make a script that add several ip adresses to my PC and send a ping with all of them to the server.
Is it something doable ? Or maybe is there a better way to do that ?
Sure its do able in bash but there are many opensource tools which let you perform more complex operations right out of the box so get useful result quicker. I used Tsung in a similar situation and was able to investigate the systems response to varying the rate of adding connection more easily than if i was using bash. It was also easier to massively parallelise threads to simulate hundreds of users.
I am trying to create a minecraft server controller in Ruby. I have many basics done and have a decent understanding of programming in Ruby.
My end goal, besides the site to control everything, is to have Minecraft on one port, M, and another process on a different port ,P. I want users to connect to the port P and my process will inspect their traffic and chat logs before passing to Minecraft on port M. The goal is so that I can allow or deny individual op requests per player.
If this is possible or if I am approaching this wrong any help or direction is appreciated.
One concern of course is if this will slow gameplay making the game unplayable.
While your goal is better accomplished with a Bukkit plugin, you can still do it with a proxy. You'll need to make your proxy understand the Minecraft protocol, as well as setting your server to offline mode and making your proxy handle player authentication. You shouldn't see too much of a performance hit.
However, I suggest using SMProxy to achieve your goal. It's not Ruby (it's C#), but it's a very featureful and cross-platform Minecraft proxy with good plugin support for your needs. It's also updated pretty frequently, so you can keep on top of new versions of Minecraft without too much difficulty (this is the hardest part, reverse engineering Minecraft is no small task).