Web Application Security

I Know The Country, Town, and City You Are Connecting From (IP Geolocation)

Every browser leaves a log of their public IP address when it connects to any website – if it didn’t, the website would have no idea where to send the requested Web page. What many people do not realize is the tremendous amount that websites can learn about a visitor — instantly — just from their IP address. Remember: IP addresses are not handed out at random. They’re assigned in blocks and publicly registered to specific ISPs or other organizations (universities, governments, corporations, etc.) This IP address registration information is publicly accessible through ARIN and other registrars. WhatIsMyIPAddress.com” is great resource to begin to see what your IP address reveals.

Furthermore, IP addresses have often been put to use geographically over the years. Many independent firms have built up large databases linking countries, states, and cities to particular IP ranges. One method used to create IP-Geolocation databases is through online account registration. For example, when people provide their physical address to a website, the website can easily log their IP address at the time. Do this a few billion times across hundreds of millions of websites and you begin to get a fairly comprehensive association between a physical locations and an IP addresses.

Many IP-Geolocation services, such as MaxMind, are available that allow anyone to query an IP address and receive information about it in return — information such as the country, state/province, city, postal code, and telephone area code for the region, and even latitude and longitude. Many IPs also indicate if the network is a home, university, corporation, government, military, or other type of network.

So unless the browser or network the computer is connecting through is configured to use a proxy, the IP address will reveal a lot. And even if the browser is proxied, that can also be detected. Proxies are often located on well-known IP ranges, so although the website might not know the browser’s real IP address (and by extension the physical location of the computer), it will know that the browser is trying to hide.

Beyond that, as has been repeatedly demonstrated, it is possible for http://maliciouswebsite/ to manipulate a browser and force it to send Internet traffic outside of proxy protection and in that way find its actual IP address. Usually these techniques work by forcing the browser to send non-Web traffic, or by having a Plug-in send traffic that does not utilize the browser proxy configuration.

While these techniques work, they are a little tricky to implement and require http://maliciouswebsite/ to set-up a traffic capturing system that’s a bit difficult. Fortunately — for the attackers, that is — there are far simpler ways websites can circumvent proxy protection to find the browser’s real location and the visitor’s identity. Yes, even when using something like Tor. I’ll explain how in later sections.

 

I Know…

  • Pingback: Introducing the “I Know…” series | WhiteHat Security Blog()

  • Pingback: I Know A LOT About Your Web Browser and Computer | WhiteHat Security Blog()

  • Pingback: Summary and Guidance for the “I Know…” series | WhiteHat Security Blog()

  • Pingback: I Know Who You Work For | WhiteHat Security Blog()

  • http://www.vibesconnect.com/coverball9/blog/Optimierungs_Tool_RegistryBoos,448241 technology

    Greetings! This is my first comment here so I just wanted to give a quick

    shout out and tell you I truly enjoy reading your articles.

    Can you recommend any other blogs/websites/forums that deal with the same subjects?

    Thank you so much!

  • http://websurgenow.com/ e-commerce rochester

    You really make it seem so easy with your presentation but I find this

    matter to be really something that I think I would never understand.

    It seems too complicated and extremely broad for me.

    I’m looking forward for your next post, I’ll try to get the hang of it!

  • http://www.bioinformatics.org/edu/user/view.php?id=109815&course=1 Kasha

    Outstanding. I agree.

  • http://www.cheapnfljerseys-vips.com Gus

    I’m extremely impressed with your writing abilities and also with the layout to your blog. Is this a paid topic or did you modify it yourself? Anyway stay up the nice quality writing, it’s rare to

    look a great blog like this one today..

  • http://www.thetrafficplayer.com/ gay pride parade las vegas 2012

    This article will help the internet users for creating new website

    or even a weblog from start to end.

  • http://mahjong-games.org/ chinese games mahjong

    I really like your blog.. very nice colors & theme.

    Did you create this website yourself or did you hire someone to do it for you?

    Plz answer back as I’m looking to create my own blog and would like to know where u got this from. thanks

  • http://www.dimep.gr/home/guestbook weight loss, buy phen375 uk, best diet pills, fat burner

    Thanks for sharing your thoughts on phen375 singapore.

    Regards

  • http://www.ciplaproducts.com Selena

    Hello, i think that i saw you visited my blog thus i came to “return the favor”.

    I’m attempting to find things to enhance my site!I suppose its ok to use a few of your ideas!!

  • http://physicalactivityresources.com/honeymoon/index.php/guestboook Http://Physicalactivityresources.Com/Honeymoon/Index.Php/Guestboook

    Good day! This is kind of off topic but I need some guidance from an established blog.

    Is it difficult to set up your own blog? I’m not very techincal but I can figure things out pretty quick. I’m thinking about making my own but I’m not sure where to begin. Do you have any points or suggestions? Many thanks

  • http://momblogsociety.com/blog/41496/like-to-spend-money-on-a-fruit-machine-know-the-purchase-price/ http://momblogsociety.com/

    Hey there just wanted to give you a quick heads up.

    The words in your article seem to be running

    off the screen in Ie. I’m not sure if this is a formatting issue or something to do with internet browser compatibility but I thought I’d post to

    let you know. The design and style look great though!

    Hope you get the issue solved soon. Many thanks

  • http://www.youtube.com/watch?v=D9BehtVJ0eI www.youtube.com/watch?v=D9BehtVJ0eI

    Greetings! Very useful advice in this particular post! It is

    the little changes which will make the most significant

    changes. Many thanks for sharing!

  • http://www.vision.tv/modules.php?name=Your_Account&op=userinfo&username=ZYDLanny shoes for toddlers

    Do you mind if I quote a couple of your posts as long as I

    provide credit and sources back to your site? My blog site is in the very same niche as

    yours and my visitors would really benefit from some of the information you provide here.

    Please let me know if this alright with you. Regards!

  • http://www.iamsport.org/ Melinda

    Magnificent goods from you, man. I’ve understand your stuff previous to and you are just too great. I really like what you have acquired here, really like what you are saying and the way in which you say it. You make it entertaining and you still take care of to keep it wise. I cant wait to read much more from you. This is really a wonderful site.

  • instructables.com

    I am extremely impressed with your writing skills

    and also with the structure on your weblog. Is this

    a paid subject matter or did you modify it your self? Anyway keep up the excellent quality writing, it is uncommon to look

    a nice weblog like this one today..

  • http://RIA Meredith

    It is not my first time to pay a quick visit this website, i am browsing this web site dailly and obtain good information from here every day.

  • http://it-support-chelmsford.weebly.com/index.html orange county it services

    Its like you read my mind! You seem to know

    so much about this, like you wrote the book in it or something.

    I think that you can do with a few pics to drive the

    message home a bit, but other than that, this is wonderful blog.

    A fantastic read. I’ll definitely be back.

  • http://Indoved.ru/ http://www.indoved.ru

    Wow, wonderful blog structure! How long have you ever been running a

    blog for? you made running a blog look easy.

    The overall glance of your web site is wonderful, let alone

    the content material!

  • http://www.ecovian.com/user/profile/227057 Louie

    I am genuinely pleased to glance at this web site posts which carries lots of helpful facts, thanks for providing such information.

  • http://www.aboutus.org/ecopsoriasis.com psoriasis

    I have read so many content about the blogger lovers however this post is actually a nice post, keep it

    up.

  • mathu

    Nice Article.

  • http://www.503gaming.com/ jack online

    Oh my goodness! Amazing article dude! Thanks,

    However I am experiencing difficulties with your RSS.

    I don’t know why I can’t join it. Is there anybody else getting identical RSS

    problems? Anyone who knows the solution will you kindly respond?

    Thanx!!

  • http://Www.Gather.com/ http://Www.Gather.com/

    Aw, this was an extremely good post. Spending some time and actual effort

    to make a superb article… but what can I say… I hesitate a lot and don’t manage to get nearly anything done.

  • casino online

    Good info. Lucky me I came across your website by accident (stumbleupon).

    I’ve saved it for later!

  • http://journ.chuvsu.ru/~wiki/index.php/%D0%A3%D1%87%D0%B0%D1%81%D1%82%D0%BD%D0%B8%D0%BA:HelenaBcq underwire bikini

    Heya i am for the first time here. I came

    across this board and I to find It truly helpful & it helped

    me out much. I hope to provide something again and aid others like you aided me.

  • http://www.FatBurningFurnaceReport.org http://www.fatburningfurnacereport.org

    Awesome! Its actually amazing article, I have got much clear idea about from this post.

  • Pingback: I Know What Websites You Are Logged-In To (Login-Detection via CSRF) | WhiteHat Security Blog()

  • http://www.nackte-girls.xyz/sitemap.html Weiterlesen

    Sie waren furchtbar.

  • https://twitter.com/TanjaLehnert Anfrage

    Nahrungsaufnahme ist demnach nur jeden dritten Tag nötig.

  • https://www.yourbeautyzone.xyz/sitemap322.html might

    wrinkle in time lessons and questions

  • http://blah.com Daryl Biffer

    Good article, thanks.