I'm setting up a self hosted server on my own network.
I don't want my ip address to be easily discovered as it's also my home ip address.
I was wondering if setting a dynamic DNS such as Duck DNS would allow to hide it to most users.
If no is there a solution to hide it ?
Post scriptum : The server is running on debian.
No. Setting up DNS would not hide the IP address. You can check with quite easily by using the host utility on Linux for instance:
host stackoverflow.com
stackoverflow.com has address 151.101.129.69
stackoverflow.com has address 151.101.193.69
stackoverflow.com has address 151.101.65.69
stackoverflow.com has address 151.101.1.69
So even if you setup your own hostname, everybody will know the IP anyway. Because in order to connect to your hostname, software will look up the IP and connect to that. If you want to hide your IP, you need to use a for instance a VPN.
Get a cheap VPS with enough bandwidth and use it as proxy, then disclose the proxy IP istead of the origin one.
Related
I'm attempting to set up a STUN server using STUN server for Node.js:
https://github.com/enobufs/stun
The readme has the following guidance:
Place a config file named as node-stun.ini in
your current directory. The config file should look like following.
(These local loopback addresses should be routable public IP addresses
in the real settings, of course)
[primary] host = 127.0.0.1
[secondary] host = 127.0.0.2
Does anyone know what the primary and secondary IPs should be? Should the primary be the IP address of my STUN server machine? What should the secondary be?
Could I set them as localhost and route requests to the server with nginx?
Finally, why does the software need to refer to these IP addresses?
Technically, STUN requires two unique public IP addresses on the server. But most client implementations only need one and don't use the alternate/secondary address. And the server code needs to know what these addresses are for two reasons:
So that the server knows which address to bind the sockets to. (It would need the local ip addresses for each)
So that the server can advertise the alternate IP address when a binding request hits the primary IP. (It needs to know the public IP addresses of the host if its behind a NAT with port forwarding).
If you don't have a secondary IP address to offer, then give in any address that allows the server to run. This will break STUN behavior and filtering tests, but rarely do clients need this.
This might be a tricky question but I'd like to forward a domain to a website that's currently hosted on an IP address on a different port.
This website is not operated so I have no control over the port number.
Specifically http://chaincoinexplorer.com
Should load up this: http://104.238.153.140:3001/
Currently it just redirects. But that's not good enough, and neither is stealth forwarding or iframes or anything of that sort.
If it's impossible through dns or similar, I can just clone the website. But I'd like to make sure there is absolutely no better way.
You can not use DNS to map the request to another port: browser only use DNS to map the hostname to an IP address. So, you MUST use a redirect, as you have done.
I was wondering about security with setting up a domain for WAMP / XAMPP.
Lets say that I want to publish website hosted on my PC with WAMP or XAMPP.
So, I have to register a domain.. and set it in WAMP / XAMPP. But, what would happen, if I set some already used domain in WAMP? For example if I set stackoverflow.com, which is already registered. What would happen? I guess that people will not see my website, but this one (stackoverflow), but how does WAMP or XAMPP recongnise that it is my website?
I am begginer with this matter, so please, dont be angry if its something obious :)
I think you are forgetting about DNS Servers and what they do.
When your browser see's any domain name you enter in the address bar, it goes to a DNS Server and asks, "Please give me the IP address for this domain name". Domain names are only there for us humans as its easier to remember stackoverflow.com than it is to remember an ip address, and that gets even more difficult for us to remember if it is on the IPV6 network.
So unless you can get all the DNS Servers in the universe changed to point the domain name stackoverflow.com to your routers external IP you wont effect anything by setting WAMP or XAMPP to use any existing domain name.
But lets say you do set WAMP/XAMPP to use an existing domain name. You would amend your HOSTS file to tell the Browser where to find that domain like this
127.0.0.1 localhost
127.0.0.1 stackoverflow.com
::1 localhost
::1 stackoverflow.com
This has the effect of seeding the local machines DNS Cache with these addresses. Now the browser will always check the DNS Cache before committing to the expence of asking a DNS Server to get the ip address, so your browser thinks that stackoverflow.com lives on your PC i.e. for IPV4 127.0.0.1 or for IPV6 ::1
All this will do is stop you getting to the real stackoverflow.com because the browser will attempt to connect to 127.0.0.1 every time you use stackoverflow.com as a domain name in the browser address bar instead of going to the real ip address for SO.
Reply to your comment
When you register a domain, you normally get access to an admin panel of some sort, where you set the ip address to use for this domain. This will set the DNS Server of who you purchased the domain from and this is then automatically propergated to all top level DNS Servers.
At that point you would set this to the External IP/WAN IP address of your router.
But be aware, if your ISP allocates IP addresses to you dynamically i.e. not a Static IP address you cannot do this, as your ISP Allocated IP Address is liable to change over time.
As a final note
WAMPServer and XAMPP are designed to be single seat developer tools and not LIVE Servers. That is not to say that the Apache in them is somehow less capable but that there is so much more to securing a web site than first meats the eye.
Also, you may not realise, but a Windows desktop OS is not a good target to run a live web server on. They are configured to be clients and as such have various limitations, mainly that a desptop OS can only manage around 20-30 external connections MAX. So if your site actually takes off, you are going to have a lot of complaints about the speed and accessibility of your site.
This destop limitation cannot be reconfigured.
I am owning a Windows PC. I have written a Web application that runs fine. But the problem is my PC's IP changes periodically. I want that application to be accessible in the network (from other pc's) without changing client side code . My client side code is in angular js.
The web server of your web application cannot bind to the correct IP if it doesn't know it in advance.
You can make your IP address static by following these steps:
In Windows, go to the Network and Sharing center
In the left pane, choose "Change adapter settings"
Right click your ethernet or wifi connection (the one connected to your router) and choose Properties
Double click Internet Protocol Version 4 (TCP / IPv4)
As an IP address, choose the one your computer already has (or try another IP address starting with the first same 3 numbers, i.e. xxx.xxx.xxx.yyy)
The default gateway is the IP address of your router
The subnet mask is typically 255.255.255.0
For the DNS server choose Google's 8.8.8.8 and/or your router's IP address
You have several choices depending upon your configuration.
If this is the public dynamic IP you get from your ISP, you can go to your ISP (whoever you get internet service from) and upgrade your service to a static IP address so it won't change.
If this is the public dynamic IP you get from your ISP, you can use a dynamic DNS service to attach a hostname to your IP address and then use that hostname to access the server. The dynamic DDNS app you put on your server will keep the DNS updated whenever your dynamic IP address changes.
If this is just a local IP address on your LAN (a 192.x.x.x or 10.x.x.x address), then you can pick an IP address that your router supports, but is above the range being used for DHCP and set that computer to use that IP address and not DHCP. In Windows, you can go to the networking configuration and choose the IP address instead of using DHCP. Then, the IP address won't ever change. It is important that you pick an address outside the range used for DHCP to avoid any conflicts. On my own LAN where the router is allocating addresses like 192.168.0.x, I manually assign addresses like 192.168.1.250.
This is something that your router handles through a protocol known as DHCP. Basically, the answer is to keep your IP from changing.
Many routers allow you to reserve an IP for certain MAC addresses. I would recommend that you access your router over your local network and work with the GUI it provides to try to configure this... if you're successful, then your IP will no longer change, and problem solved :-) If it's not intuitive, then of course refer to the documentation for your router.
I might sound like noob, I'm real new to this.
I use my college LAN to use internet. My college has blocked many websites(movies, games, porn etc).
I'm not sure about the way that it works. VPNs don't connect. And entering directly the IP addresses of websites is also blocked.
so what i was thinking is that if we could somehow type in google.com and make the DNS translate the ip address of steam.com, could that help bypassing?
If the websites ip are locked, this is not a dns filtering so you have nothing to do with dns. If vpn don't connect, some ports are probably locked. So, you should find a vpn that use the port 443 or use a webproxy.