For a college project for my course on Introduction to Programming, I decided to make a small software that traces the IP address and puts them nicely on a GUI (PyQt). Not a big deal I know, but still I like the idea.
So I Googled around and found MaxMind's IP and their free offering and the pygeoip, which is an API for the MaxMind GeoIP databases. Pretty cool, eh!
But the downside is that to query their database, I have to download individual databases for country city. This is not good cause I have to make the end user download additional files (in MBs) just to look up an IP address.
So I am wondering, is there another method of doing this? How do I trace IP addresses? Note that I need them down to the city level, if possible. Something like this guy aruljohn.com/track.pl
Thanks!
I would have preferred "pygeoip", because it allows you to develop a complete solution locally. Of course, you will need to keep the database.
If you do not want to keep the database locally, you will have to depend on an external service to query for location of an IP. This will keep your solution small but dependent on this service.
For this check out: ipinfodb.com
http://ipinfodb.com/ip_location_api.php
They provide JSON and XML APIs interface which should be sufficiently easy to build.
Check out more information at : http://ipinfo.info/html/geolocation_2.php
I have even better idea. Why don't you make a very simple web app, which will do the actual look up; and you PyQt client would do HTTP request to that. Or maybe in that case you don't even need a client. Just make a web page to get IP address and show city.
Related
[Never worked with a RPi before, absolute noob on that field]
I want to make a desktop/mobile app to access a program on a RaspberryPi. The only task of the app is to send a command and display the received response on an UI. It's meant only for private use, but it should also work outside my local network. So as long as I have mobile internet on the phone it should be possible to access the program with the app.
Can I achieve this without using any kind of public website? I saw some tutorials that used Flask and other frameworks to do sth similar, but I want the access to be restricted to the app. There shouldn't be any URL I could type in my browser, that gives me access to a login page or sth like that.
If you know the specific term for what I am describing here or even better an article/tutorial that features it, that would be very helpful.
You need two things for that:
Make your Raspi visible to the outside world. That can typically be done by configuring port forwarding in your router. Note that this might impose a certain security risk.
Make sure you have a global DNS name for your internet access. Since the IP of your router may change frequently (depending on your ISP), you need a URL or rather, a DNS entry. There exist public DNS services that can assign a DNS entry to a dynamic IP (typically for a fee). Many routers support a protocol to configure such services.
After that, you can program an app that uses the given DNS entry to talk to your Pi.
So no, without a public URL, this is not possible, at least not over the long term. You might be able to go with the public IP of your router, but then your app may fail from one day to the next.
Some people are trying to access my site (I believe they are hackers), and when I blocked their IP, I noticed they used VPNs to access my site again. Is there any way I can prevent people using a VPN from accessing my site?
Any help will be VERY appreciated, I've been trying this for so long.
This is how I am blocking IP addresses:
ip_ban_list = ['130.180.2.129', '109.40.2.120', '37.120.205.148', '109.201.143.78', '37.120.132.76', '37.120.132.66', '185.244.215.134', '109.42.1.48', '109.42.2.193', '172.67.16.210']
#app.before_request
def block_method():
ip = request.environ.get('REMOTE_ADDR')
if ip in ip_ban_list:
abort(403)
Thanks in advance.
VPN providers do their best to hide that their users use VPN. Every IP list will be outdated soon and if you find out a method to identify VPN / Proxy they will find way around it.
If you have a system with limited number of users, blocking all IP addresses but whitelisting ones you want to access is effective approach. But process to start using your system is harder. Of course, you can automate that process a bit, for example by adding IPs to whitelist when user register his account. But that mean that your users needs fixed IP address and consumers does not have that option. So this approach works only in B2B solutions.
Other approach would be geoblocking. You can allow access only from IP addresses which are from certain country or region. But this kind of limitations are easily worked around with VPN / Proxies.
Third approach would be to dynamically add IPs to blacklist if you notice some suspicious behavior. Easy example would be if you notice that there is multiple failed login attemps from certain IP, you block it. And there can be some other sings of malicious traffic which can trigger your dynamic ban. It would be worth to make these dynamic bans temporary, so they would expire in a few hours. This method does not identify VPN, but may prevent hacking attemps.
I am trying to make a "proxy" in Python that allows the user to route all of their web traffic through a host machine (this is mainly for me and a couple people I know to confuse/avoid hackers and/or spies, who would only see web pages and so on coming in through one IP). I have run into several difficulties. The first is that I would like to be able to use the final, compiled product with Firefox, which can be set to route all of its traffic through an installed proxy program. I don't know what kind of configuration my proxy needs to have to do this. Second, the way the proxy works is by using urllib.requests.urlretrieve (yes, going to die soon, but I like it) to download a webpage onto the host computer (it's inefficient and slow, but it's only going to be used for a max of 7-10 clients) and then sending the file to the client. However, this results in things like missing pictures or broken submission forms. What should I be using to get the webpages right (I want things like SSL and video streaming to work as well as pictures and whatnot).
(wince) this sounds like "security through obscurity", and a lot of unnecessary work.
Just set up an ssh tunnel and proxy your web traffic through that.
See http://www.linuxjournal.com/content/use-ssh-create-http-proxy
I have a program that I wrote in python that collects data. I want to be able to store the data on the internet somewhere and allow for another user to access it from another computer somewhere else, anywhere in the world that has an internet connection. My original idea was to use an e-mail client, such as g-mail, to store the data by sending pickled strings to the address. This would allow for anyone to access the address and simply read the newest e-mail to get the data. It worked perfectly, but the program requires a new e-mail to be sent every 5-30 seconds. So the method fell through because of the limit g-mail has on e-mails, among other reasons, such as I was unable to completely delete old e-mails.
Now I want to try a different idea, but I do not know very much about network programming with python. I want to setup a webpage with essentially nothing on it. The "master" program, the program actually collecting the data, will send a pickled string to the webpage. Then any of the "remote" programs will be able to read the string. I will also need the master program to delete old strings as it updates the webpage. It would be preferred to be able to store multiple string, so there is no chance of the master updating while the remote is reading.
I do not know if this is a feasible task in python, but any and all ideas are welcome. Also, if you have an ideas on how to do this a different way, I am all ears, well eyes in this case.
I would suggest taking a look at setting up a simple site in google app engine. It's free and you can use python to do the site. Than it would just be a matter of creating a simple restful service that you could send a POST to with your pickled data and store it in a database. Than just create a simple web front end onto the database.
Another option in addition to what Casey already provided:
Set up a remote MySQL database somewhere that has user access levels allowing remote connections. Your Python program could then simply access the database and INSERT the data you're trying to store centrally (e.g. through MySQLDb package or pyodbc package). Your users could then either read the data through a client that supports MySQL or you could write a simple front-end in Python or PHP that displays the data from the database.
Adding this as an answer so that OP will be more likely to see it...
Make sure you consider security! If you just blindly accept pickled data, it can open you up to arbitrary code execution.
I suggest you to use a good middle-ware like: Zero-C ICE, Pyro4, Twisted.
Pyro4 using pickle to serialize data.
I wanted to know if there was a way I can get my python script located on a shared web hosting provider to read the contents of a folder on my desktop and list out the contents?
Can this be done using tempfiles?
Server-side web scripts have no access to the client other than through requests. If you can somehow break through the browser's protection settings to get JavaScript, Java, or Flash to read the contents of the client then you stand a fighting chance. But doing so will make many people angry and is generally considered a bad idea.
Unless your desktop computer has a public, accessible IP, neither your app running on a shared web hosting provider, nor any other app and host on the internet, can get information from your desktop computer. Does your desktop computer fall within the tiny minority that does have such a public, accessible IP?
If not, and if you're willing to run the obvious risks involved of course, you can try turning the (probably dynamically assigned) IP address that your ISP gives you into a resolvable domain name, by working with such DNS providers as DynDNS -- it can be done for free.
Once you're past the hurdle of public accessibility, you need to run on your computer some server that can respond to properly authenticated requests by supplying the information you desire. For example, you could run a web server such as Apache (which is powerful indeed but perhaps a bit hard for you to set up), or the like -- and a custom app on top of it to check authentication and provide the specific information you want to make available.
If you have no privacy worry (i.e., you don't mind that any hacker in the world can look at that folder's contents), you can skip the authentication, which is the really delicate and potentially fragile part (given that there's really no way for your app, running on a shared web hosting provider, to hold "secrets" very effectively).
If you can clarify each of these issues, then we can help pinpoint the best approach (what to install and how on both your desktop computer, and that shared web hosting provider).