Deprecated: Joomla\Input\Input implements the Serializable interface, which is deprecated. Implement __serialize() and __unserialize() instead (or in addition, if support for old PHP versions is necessary) in /homepages/13/d380392445/htdocs/Jlive/libraries/vendor/joomla/input/src/Input.php on line 41

Deprecated: Return type of Joomla\Input\Input::count() should either be compatible with Countable::count(): int, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /homepages/13/d380392445/htdocs/Jlive/libraries/vendor/joomla/input/src/Input.php on line 170

Deprecated: Joomla\CMS\Input\Input implements the Serializable interface, which is deprecated. Implement __serialize() and __unserialize() instead (or in addition, if support for old PHP versions is necessary) in /homepages/13/d380392445/htdocs/Jlive/libraries/src/Input/Input.php on line 31

Deprecated: Joomla\CMS\Input\Cookie implements the Serializable interface, which is deprecated. Implement __serialize() and __unserialize() instead (or in addition, if support for old PHP versions is necessary) in /homepages/13/d380392445/htdocs/Jlive/libraries/src/Input/Cookie.php on line 21

Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated in /homepages/13/d380392445/htdocs/Jlive/libraries/src/Uri/Uri.php on line 141
Private IP addresses visible on Internet? - Macrotone Blogs

Macrotone Blogs

Macrotone blogs upon Joomla, our products and other matters.
Categories
Tags
Archives
Calendar
Categories:   All Categories
Suggested keywords
x
Font size: +
  Print
2 minutes reading time (391 words)

Private IP addresses visible on Internet?

2577 Hits

This should not happen, BUT we have observed a few private IP addresses being used by visitors to our site.

An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private uses by Internet standards groups. The following  private IP address ranges exist:

      10.0.0.0 to 10.255.255.255
      169.254.0.0 to 169.254.255.255 (APIPA only)
      172.16.0.0 to 172.31.255.255
    192.168.0.0 to 192.168.255.255

These private IP addresses are (normally) used on local networks which includes homes, schools business LANs etc.  Devices with private IP addresses cannot (should not be possible to) connect directly to the Internet. Similarly devices outside of the local network cannot (should not be able to) connect directly to a device with a private IP.  Typically access to such devices are brokered by a router or similar device that supports Network Address Translation (NAT).  NAT effectively hides the private IP numbers but can selectively transfer messages to these devices, affording a layer of security to the local network.

Standards groups created the private IP addressing to prevent a shortage of public IP addresses available to Internet service providers and subscribers.

So given that these private IP addresses should not be visible on the Internet, how is it possible therefore for our site to have recorded access from devices with addresses in the 10.x.x.x and 192.168.x.x ranges? 

One can always block these devices from access to web pages by including the private address ranges within ‘blocked’ ranges, using commonly available tools available upon the web, but it still doesn’t explain how there are visible in the first place! If in doubt it is possibly wise to block them as a matter of course for a site on the Internet. Remember if the site is on a ‘local’ LAN that blocking them is not an option.

One wonders if there is a connection with the implementation of IP v6, and whether somehow these address ranges are getting through.  Alternatively perhaps a particular NAT provisioning mechanism is faulty?  Another possibility is that  dubious entities are using them to ‘mask’ their activities.  We are led to the latter possibility since the 10.x.x.x devices were attempting access to our site ‘back end’.

Despite some extensive searching we do not currently know the source of these connections, which raises a few possibly serious security concerns. We will continue our investigations.

Tags:
security Privacy Communications
×
Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

Strange PHP error on live web site.
Doing more with LESS.

About the author

Geoffrey Chapman

Geoffrey Chapman

Subscribe to updates from author Unsubscribe to updates from author Geoffrey Chapman

An IT professional with a wide experience of IT systems, specialising in Database Management and Security.

Author's recent posts
More posts from author
 
Go To Top

Joomla! Debug Console

Session

Profile Information

Memory Usage

Database Queries