[Dshield] Re: Various Updates

Tom Laermans tom.laermans at powersource.cx
Fri Aug 10 21:45:32 GMT 2001


Hi,

At 02:28 09/08/2001, you wrote:
> >   The page http://www1.dshield.org/timestamp.php will send a packet
>
>Actually it sends a packet to my ISP's proxy server. There's a similar
>issue with warning_explanation.php (which reports the proxy server's
>IP address).
>
>The way around this is to use a different sever port, a la hackerwhacker.

This is part of my code @ http://www.powersource.cx/index.php3. Feel free 
to have a look at the bottom.

I think this should solve (part of) the problem. Don't know if it "catches" 
all proxies, but it catches my squid and the proxy of my provider.

<?php

if ($HTTP_VIA) {
echo '<CENTER>You&nbsp;are:&nbsp;<I><U>';
echo gethostbyaddr($HTTP_X_FORWARDED_FOR);
echo '</U></I>&nbsp;(<I>';
echo $HTTP_X_FORWARDED_FOR;
echo '</I>), using&nbsp;proxy:&nbsp;<I><U>';
$result = explode(' ',$HTTP_VIA);
echo $result[1];
echo '</U></I>&nbsp;(<I>';
if (strpos($result[1],':')) { $result[1] = 
substr($result[1],0,strpos($result[1],':') ); }
echo gethostbyname($result[1]);
echo '</I>,&nbsp;<I>';
echo ereg_replace( "\)", "", ereg_replace( "\(", "", $result[2] ) );
echo '</I>).<BR>Using:&nbsp;<I>';
echo $HTTP_USER_AGENT;
echo '</I>.</CENTER></FONT>';
} else {
echo '<CENTER>You&nbsp;are:&nbsp;<I>';
echo gethostbyaddr($REMOTE_ADDR);
echo '</I>&nbsp;(<I>';
echo $REMOTE_ADDR;
echo '</I>).<BR>Using:&nbsp;<I>';
echo $HTTP_USER_AGENT;
echo '</I>.</CENTER></FONT>';
}

/*
Only set when proxying:

HTTP_VIA 1.0 proxy.powersource.cx:3128 (Squid/2.3.STABLE4)
HTTP_X_FORWARDED_FOR 172.16.0.2
*/

?>

Yeayeah I know it isn't all that well-written code. But you get the 
picture, I think. Especially the last comments ;)

HTH,
Tom

-------------------------------------------------
Web: http://www.powersource.cx --- ICQ#: 12120754
Also check this out:  http://kickme.to/sidewinder
Need some cheats?? http://www.chaos-cheatbase.com
Keep Fido&BBS Alive!     http://skynetbbs.dyns.cx
-------------------------------------------------




More information about the list mailing list