Posted by King 622 days ago
Category: Statistics | Tags: internal ip logging blocked sites
It would be nice if an internal IP address was included with a blocked domain in the stat log. This would be useful in figuring out who is "misbehaving".

While this is certainly possible to do, it is without a doubt difficult to impliment. Maybe one of the following sites may help...

http://www.auditmypc.com/internal-ip.html

http://www.gnucitizen.org/projects/javascript-address-info/

Thanks
comments 14 Comments  

Comments

written by ppierotti 607 days ago Rating: 7 | Rate Comment: + -

OpenDNS is tracking DNS requests. The only thing they're seeing is the public/external IP the request came from. They do not see your private/internal IP address.

The URL(s) you quoted work around that issue because they're websites, and websites can cause your browser to run "scripts which do stuff" (in this case "do stuff" = identify your private/internal IP address).

That is NOT possible to do for a DNS request, as a DNS request does not "do stuff" locally on your machine.

written by King 604 days ago Rating: 1 | Rate Comment: + -

This "stuff" can be done in OpenDNS's block page. Correct me if I'm wrong, but the block page is essentially a webpage and could use Javascript to collect this information.

written by skylineschool 73 days ago Rating: 0 | Rate Comment: + -

Exactly correct King. That should be what is done. The page should record the computer in questions IP and record it. It is extremely simple. And if the person or site does not use the block page, that's not your problem.

written by jpelectron 579 days ago Rating: 5 | Rate Comment: + -

I personally would not trust any pages with additional JavaScript, client-side code, or an installable client piece in order to make the functionality your suggested work.

written by npchurch 554 days ago - show/hide this comment Rating: -1 | Rate Comment: + -

written by amsmith42 553 days ago - show/hide this comment Rating: -1 | Rate Comment: + -

written by tymes 489 days ago Rating: 2 | Rate Comment: + -

If you have an office/domain/business, you can do as I have and enable DNS logs on the domain controller (aka necessary DNS server).

If it is important for me to track down a request I notice via opendns, I can find/grep through the dns.log on the server to find the machines responsible.

written by uscit 375 days ago Rating: 2 | Rate Comment: + -

I use Squid to track, but not block Web requests via the log file. Not foolproof, but it does allow you to reconcile what's going out with what's being blocked.

written by appleby 315 days ago Rating: 2 | Rate Comment: + -

Something like this could be done on IPv6 but with IPv4 we are all almost all using NAT so no internal IP is reported to the outside. Personaly I like hiding behind a NAT.

written by joe262 141 days ago - show/hide this comment Rating: -1 | Rate Comment: + -

written by kinglandgroup 284 days ago - show/hide this comment Rating: -2 | Rate Comment: + -

written by ridiculous 254 days ago - show/hide this comment Rating: -2 | Rate Comment: + -

written by evariel 233 days ago - show/hide this comment Rating: -3 | Rate Comment: + -

written by ms308680 119 days ago Rating: 1 | Rate Comment: + -

You could also replace your firewall with untangle, it has pretty decent reports, (remember I said decent). But looking at this thread, the only way to do what you want, without slowing the works down, would to assign static external IP's to the people that you think are causing a problem, the only ones that really care about this type of thing are bussiness in a stickler fasion. You are a business, so you should have a few extra IP addresses to use.


Sign in to comment or register here.