We are launching an ERP application on cloud and hence planning to capture the system ip address of the clients machine who access the application from our server.
This ip address that we are fetching is it the system ip or localhost ip?
It is fetched using
InetAddress local_ip=InetAddress.getLocalHost();
InetAddress remote_ip=InetAddress.getByName(request.getRemoteAddr());
Is it secure to fetch the ip address or mac address? As i know the ip address is unique only across a network.
Thank You
You will not be able to track the mac unless you are on the same network. Once the packet crosses a router the mac addr becomes the mac of the routers you bounce across at each hop. Mac addresses are available to the broadcast domain only. Some devices support proxy arp though.
IP addresses might change over sessions. Think about NATted clients and DHCP assigned addresses. These keep changing. Same IP might represent another client at another time.
Considering security, as mentioned in a comment, no.
Related
I am working on DHCP Billing System project. Only devices which administrators include their mac addresses can get ip address from DHCP. There are some mac addresses which belong to devices of former workers. I need monitor DHCP traffic and determine which mac addresses dont make request to get ip anymore. How can i do it?
Let's say we are hosting on a Personal Computer and Server Program is written in Java.
1.If we host server using static IP-address then does that means we can change machine and replace it with other ones, restart machine as many times we want and our Client will still be able to communicate with us after system is back?
2.if we host server using Dynamic IP-address then just by restarting once the machine we have to tell every single client out there that new IP-address is this one?
3.Will Dynamic IP-addresses change even if we don't restart the machine ?
Yes, a static ip address means that it is fixed. There is more to the whole system, of course, since there is resolution of an IP to a MAC address. Nonetheless, a static IP (assuming it is only on the network once) means that any machine with that IP will respond. So a client can always connect to the IP address.
Note: not a very friendly way to go.
Just because something has a "dynamic" IP address does not necessarily mean it changes every single time. Using DHCP it is possible to assign the same IP address to the same MAC address each time. It is a much better approach than hardcoding an IP address to a machine.
In addition, you really should not have your clients use an IP address to connect. They should look up the machine by a name in DNS. You can coordinate the DNS lookup to the DHCP, so machines do not need to do anything but resolve the hostname.
However, as your question stands, if a machine uses DHCP and does not receive the same IP address each time, and you have your clients connecting by IP address, then on each new assignment the clients would need the new IP address.
Whether a machine's IP address updates even when it does not restart is a policy that is controlled by the DHCP server. In general, there is a renewal time for an IP address. Without going into great deal, the client during the DHCP conversation may request the same IP address, but it is up to the server as to whether to hand out the same one or not. Conversely, most servers are configured to hand out the same IP address to a given MAC address as long as the DHCP cache is current. It is completely a policy decision.
At the end of the day, however, it seems like you are attempting to tie clients to a server's IP address, and this is not a good strategy. It is a better strategy to use DNS and have the clients resolve a hostname. If I am incorrectly inferring your intent, I apologize.
NOTE: I have used DHCP as the way to give out dynamic IP addresses. You might use some other strategy, but I think the concept is the same.
1: Yes, if the server has a static IP clients will always be able to count on the server being at that IP address.
2: Most likely, yes. In many networks the DHCP server will give the same IP back to a machine that has rebooted but you certainly should not count on that.
3: Yes - dynamically assigned IP addresses have a "TTL" - a time to live. This may be a long time (weeks or more) but they still could expire and change. Most often the machine will get the same IP back but, again, you should not count on that.
In the socket programming i am able to connect to the server socket when it is on the same pc i.e 127.0.0.1 but when my friend at a remote location runs the server program and i try to connect to it it shows the Connectiontimedout Error.
I'm giving the ip address and port number right.
Do i need to add something extra?
In order to access server remotely, your friend should bind the server to an IP address which is accessible from your machine. This will not be the case if your friend's ISP or wifi router has allocated a private IP address to him.
In such case both of you can join a Virtual Private Network to be on the same network.
Another option is port forwarding. If both of you can access a common machine then your friend can forward a port from the common machine to the application server's port to his machine. Now you can access your friends application server by accessing the socket at forwarded port on common machine.
If both of you are already on the same network then it might be possible that the server is listening on 127.0.0.1 interface only.
There are possibly other middle-boxes that do NAT (Network Address Translation) in the path between you and your friend. These normally prevent the initiation of TCP or other connections over the Internet.
Try doing the same with both of you on the same LAN (Local Area Network) or with a Hamachi VPN to simulate a LAN over the Internet.
Another possibility is configuring your router/NAT at your location to forward the port for your application to the IP address of your machine. In this case make sure to give your friend your public IP (you can get that with http://checkip.dyndns.org/).
server code:
String ip = request.getRemoteAddr()
if(ip='127.0.0.1')
System.out.print("hello");
Now I am accessing that remote site from my machine, so obvious my IP address should be like 192.*.*.*.
How can I cheat the server(IP spoofing) so server always prints "hello" for my request?
New answer to edited question:
You can't in Java. If need to pretend that the request is coming from 127.0.0.1 (the server itself), so you'll need to hack into the network stack of your operating system.
Old answer:
The IP Address your client uses to connect to the server depends on the network interface it uses and the kind of network attached to this network interface.
Example:
If your client is a laptop it most likely has only one network interface. This network interface uses 192.168.1.10 as its IP address (e.g., assigned from the DHCP on your router) as its internal IP address. Your router might also be connected to the internet, with an IP, say 20.20.20.20, which it shares with connected devices via NAT.
If you use this to connect to your server which is on your local network, the client's IP address that the server sees will be 192.168.1.10; if you connect to your server which is not on your local network but somewhere on the internet, your client's IP (that the server sees) will be 20.20.20.20
So you cannot make your client pretend to use 127.0.0.1 (if server and client are running on the same machine, your client will most likely have 127.0.0.1). Of course there are techniques like IP spoofing where you pretend to have a different IP than you actually have, but that's totally different issue.
Java Socket Program did not work for WAN
I have written a TCP IP socket program which works fine in my LAN.
One of my friend is at bangalore He ran the server and I ran the
client with the host name of my friend's IP. In this case my
socket program did not work.
You said that your program is attempting to connect to host 192.168.1.107 port 46216.
192 prefix specifies it is a class C address and is private. Making your program connect to that will force it to remain on the local network searching for that node. You will need to find the IP address of your router (you can use http://whatismyip.org/ to find this out). Then go into your router settings and forward port 46216 to 192.168.1.107 (your node), or even better, your MAC address which is not subject to change (in case your router is running DHCP).
on a side note, it isn't good to hardcode IP addresses. Simply use a textfield to avoid having to redistribute the client when your IP is changed, as it is likely you have a dynamic IP from your ISP.
Your friend running the server is most likely behind either a firewall or NAT. Make sure you are using the external IP address and if necessary port forwarding the packets to the correct IP.
The IP address you gave seems to be a local address, rather than a public internet address. If you are looking for 192.x.x.x, you will not make it out to "the internet", but will be confined behind your router.
WhatIsMyIP is a good way of getting a public IP address, and THAT is the address you should use in your connection. Also, be sure to forward any ports that will be used by your program, because otherwise your router will likely filter the traffic and still create an issue.
You could use an implementation of STUNT or other NAT Traversal protocol.
The ip of computer on thih u deployed your server program is not in your reach.
192.x.x.x ip means (class C) it is for local subnet.
You need to have change your ip address of your net-adapter so that your router could route it through internet.