FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » FUDforum » FUDforum Suggestions » Security - IP Logging
Show: Today's Messages :: Unread Messages :: Show Polls :: Message Navigator
| Subscribe to topic | Bookmark topic 
Switch to threaded view of this topic Create a new topic Submit Reply
Security - IP Logging [message #35105] Fri, 08 December 2006 07:08 Go to next message
Ernesto is currently offline  Ernesto   Sweden
Messages: 413
Registered: August 2005
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
I brought this up briefly before, but I felt I have to/should do it again.

Currently, FUDforum only logs IP adresses when someone makes a post, I would love if it updated IP adresses upon login, to be able to track malicious users easier. Currently I have to use a workarounds with the apache log, which is unpratical at best. Especially since a Forum is often a supplement to another service - Lets say a game server, a webpage, a CMS system or a webshop or something similair, it is sometimes vital for the webmaster/admin to be able to identify users across the systems to ensure security and /or cleanse malicious users, or prevent illegal activities, either against your site(s) or prevent that your forum and your other services be accessed and abused for illegal purposes and hence incriminating yourself, for not taking all appropriate actions, or to be able to present comprehensive and accurate logs to the authorities.

I request an additional column that tracks the users last known IP that they logged in from, or perhaps even better - a whole separate table which keeps track and stores a users last known login IPs - It does not have to store ALL of them, just if a current IP equals an old IP, just update the timestamp, doesnt need to add a billion rows of identical IPs (Like my god damn web stat page does, oh my that baby is getting large).

Also the ability, just as we have now, to search by IP and identify which users have used that IP, or even that IP range ("Possible alter-egos of current users").


[Updated on: Fri, 08 December 2006 07:11]

Report message to a moderator

Re: Security - IP Logging [message #35108 is a reply to message #35105] Fri, 08 December 2006 10:20 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
We already log IPs in a number of instances, such as registration and message posting. I see no issue with adding a field to the sessions table to log the value on login, but I'd don't want or see a need to keep constant track of IPs utilized by a user in all instances.

As far as searching by IP, this is already possible if you click on the user's IP beside their message it'll bring you a dialog allowing you to search by IP or search what IPs a given login was using (based on IPs as stored during message posting).


FUDforum Core Developer
Re: Security - IP Logging [message #35110 is a reply to message #35108] Fri, 08 December 2006 11:05 Go to previous messageGo to next message
Ernesto is currently offline  Ernesto   Sweden
Messages: 413
Registered: August 2005
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
Quote:

As far as searching by IP, this is already possible if you click on the user's IP beside their message it'll bring you a dialog allowing you to search by IP or search what IPs a given login was using (based on IPs as stored during message posting).


Yes, but what if this user (like most) have a dynamic IP, which switches range very often. I notice trouble from a user on my other services and shut down his access. Without keeping track of users IPs upon login, there is no way I can find him on the forum either, especially not if he registers many users on the forum, because, let's say this user never posted on the forum, or it was a long time ago he posted, etc.

Perhaps in the other service I provide, I find this user linked to multiple IPs, I run them across my forum as well (combined with all the other services) but I do not find it on the forum, because he hasnt posted while using any of those IPs - And hence, the malicious user is still "free to roam around" in the forums, while he is shut down, or banned from the rest.

Let's say I have a hacking attempt on my website (not all that uncommon) and I trace the IP's and I report to the police and block the IP in my system. - Now, his dynamic IP would allow him to still be able to access the forums, and continue his hacking attempt there, instead of for example the website, just because I (we) do not log IPs on the forums other than when a user posts a message. If we would have logged each of his login's on the forum, the chance would be significantly larger to catch him/her in the net.

I think Ilia, the fact that you do not see the need of such a thing, is that (to my knowledge) you do not run forums or sites that are directed to a 15-30 year crowd, nor a site where controversial discussions amongst computer interested script kiddies occur and hence, you never had the trouble of dealing with IP logs, banning users or being in contact with the lovelly FBI. Nor do you have hundreds of thousands of posts and thousands of users who deter down to a "Lord of the Flies" mentality as soon as they get on the net, where "everything goes" and real life pictures, or modified pictures are being tossed around, or spreading of child pornography, or well - You name it.

I think you are wrong - I think a forum administrator should have as many tools as possible to ensure that local and international laws are upheld on ones site, to prevent lawsuits or procecution.


I know I am using rather extreme examples, but you said you dont see a need to keep track of IPs "in all instances". - In all instances I can agree, but for example on just login would help quite a deal to identify users better.


And no, it does not store IPs upon registration, at least not on my forum, which is the latest release + several CVS'es - Not a single of the users with 0 posts have an IP stored.


Edit: If you don't WANT the function I can understand, don't get me wrong, I just don't understand how you cannot see the NEED for it. =)

Oh, merry christmas by the way!


[Updated on: Fri, 08 December 2006 11:16]

Report message to a moderator

Re: Security - IP Logging [message #35113 is a reply to message #35110] Fri, 08 December 2006 11:25 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
On registration the forum populates the "reg_ip" field where the ipv4 address is stored in integer form. This is a relatively new addition (2-3 versions old) so if you had forum for a longer period this field can in fact be blank.

I've just checked on this forum and all new registrations (regardless of post count) have an IP address that can be seen via the admin control panel. Now in terms of violators, in order to break forum rules people generally need to "post". Which means that tracking is necessary for message posting not lurking on the forum. I'd love to hear the danger or issues with allowing people to lurk Smile. As far as enforcing bans, this is why registration IP is logged and the control panel I had mentioned allows you to see what IPs login X had used up until now (based on posts) and what is their registered IP address.


FUDforum Core Developer
Re: Security - IP Logging [message #35115 is a reply to message #35105] Fri, 08 December 2006 11:44 Go to previous messageGo to next message
Ernesto is currently offline  Ernesto   Sweden
Messages: 413
Registered: August 2005
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
Quote:

I've just checked on this forum and all new registrations (regardless of post count) have an IP address that can be seen via the admin control panel. Now in terms of violators, in order to break forum rules people generally need to "post". Which means that tracking is necessary for message posting not lurking on the forum. I'd love to hear the danger or issues with allowing people to lurk Smile. As far as enforcing bans, this is why registration IP is logged and the control panel I had mentioned allows you to see what IPs login X had used up until now (based on posts) and what is their registered IP address.


As I said: Many people use a forum as a supplement to their "real service" may it be a regular webpage containing "blogs" or may it be a game server, a file storage, a MUD, you name it - Being able to track users across all services would be, in many cases, important. If I had the forums also log a user upon login, I would have a wider range of possible IP numbers, to help me cleanse the other services from the infractor as well, or, when a user actually violates the forum and the forum rules, I can ban ALL his known IPs (if I WANT to) instead of just the one, two or three he used on his new little user he created just to post some poop-pictures (or whatnot). It could also help me to see if a user have multiple board aliases/logins (On many sites this is forbidden) where I could get better comparation results in the "Other users who use this IP" fields.

I can naturally toss this this in myself, if I am the only one that feels a more extensive IP logging is necessary, but I bet my two-winged shorts alot more people would ask for a feature like this, especially considering Invision Power Board, phpBB, vBulletin, IGNBoards and zeroforum has this functionality, I can imagine it has been asked for.

Yet again, don't get me wrong, I do not in any way want FUDforum to be a copy of anything else, I use FUDforum because I think it's the fastest, best and has the fastest support, but I can still at least try to argue my case, no? Smile


Re: Security - IP Logging [message #35116 is a reply to message #35105] Fri, 08 December 2006 11:45 Go to previous messageGo to next message
Ernesto is currently offline  Ernesto   Sweden
Messages: 413
Registered: August 2005
Karma: 0
Senior Member
add to buddy list
ignore all messages by this user
You are right, I can see the registration IP via the User Manager, but not via the IP search thingy.

Re: Security - IP Logging [message #35117 is a reply to message #35116] Fri, 08 December 2006 12:25 Go to previous messageGo to next message
Ilia is currently offline  Ilia   Canada
Messages: 13241
Registered: January 2002
Karma: 0
Senior Member
Administrator
Core Developer
add to buddy list
ignore all messages by this user
The "IP search thingy" Wink works purely on the basis of IPs used during the message posting. I am going to amend that code to include the IP used during the registration shortly as well.

The tracking of login ip was also added via the users table now, however I am not going to index the field. So, if you want to search by it frequently and have a lot of users it is up to you to add such an index.


FUDforum Core Developer
Re: Security - IP Logging [message #38810 is a reply to message #35105] Wed, 29 August 2007 11:39 Go to previous message
retouching is currently offline  retouching
Messages: 1
Registered: August 2007
Karma: 0
Junior Member
add to buddy list
ignore all messages by this user
I agree
Quick Reply
Formatting Tools:   
  Switch to threaded view of this topic Create a new topic
Previous Topic: Allowing polls even if topic is locked
Next Topic: Print post/thread?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Dec 17 22:06:10 EST 2017

Total time taken to generate the page: 0.00806 seconds