How do I really know who is accessing my server?





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







1















Recently I started using my old desktop computer as a server, I installed Ubuntu server 18.04 and it's now connected to my router (Huawei HG532s). I also have a web page (Only for testing) and an SSH server to log in and monitor the server from anywhere (obvious) and the problem comes now:



I have the server connected to the router and the router (ADSL) is connected to the internet. I have set up the router to forward any request that wants to connect via port 80 or 22 to the private IP of the server. And now, whenever someone connects to my web server, the access logs shows me that all petitions are coming from the same IP (My public IP) and same with SSH, whenever I connect to my server, when I type the command who it shows me I'm connected from my public IP.
I know that problem it's because it's my router who is forwarding the packaged and requests but I would like to know if there is any kind of "solution" to this so I'm able to actually know who is establishing a connection to my server.



Thanks in advice and sorry if I misspelled, trying my best to write this correctly.



Output of who command:



alex@ubuntu:~$ who

alex    pts/0     2019-02-07 07:22 (62.37.40.224)

alex    pts/1     2019-02-07 07:22 (62.37.40.224)


Output of the traceroute command to my server's IP from my university’s network:



traceroute to 62.37.40.224 (62.37.40.224), 30 hops max, 60 byte packets

   192.168.212.254 (192.168.212.254)  3.004 ms  2.972 ms  2.947 ms

   172.29.34.1 (172.29.34.1)  7.755 ms  7.736 ms  7.686 ms

   1.red-81-46-16.customer.static.ccgg.telefonica.net (81.46.16.1)  7.662 ms  7.621 ms  7.584 ms

   217.red-217-124-114.static.ccgg.telefonica.net (217.124.114.217)  15.257 ms 217.124.112.37 (217.124.112.37)  20.113 ms 217.124.114.217 (217.124.114.217)  20.108 ms

   * * *

   157.red-80-58-84.staticip.rima-tde.net (80.58.84.157)  14.988 ms  15.931 ms  15.895 ms

   145.red-80-58-97.staticip.rima-tde.net (80.58.97.145)  15.865 ms * *

   80.58.106.58 (80.58.106.58)  14.724 ms  14.712 ms  14.687 ms

   241.red-80-58-88.staticip.rima-tde.net (80.58.88.241)  14.661 ms  14.635 ms  14.615 ms

  10.21.0.1 (10.21.0.1)  14.565 ms  14.475 ms  20.228 ms

  10.21.0.2 (10.21.0.2)  20.180 ms  20.143 ms  20.111 ms

  172.27.111.22 (172.27.111.22)  15.212 ms  15.175 ms  15.005 ms

  172.27.111.51 (172.27.111.51)  14.931 ms  14.818 ms  14.807 ms

  172.27.111.126 (172.27.111.126)  14.797 ms  14.776 ms  14.762 ms

  172.27.111.10 (172.27.111.10)  19.592 ms  16.708 ms  16.622 ms

  193.152.56.1 (193.152.56.1)  19.503 ms  19.474 ms  19.407 ms

  80.58.72.149 (80.58.72.149)  19.399 ms  19.356 ms  19.292 ms

  * * *

  * * *

  216.184.113.180 (216.184.113.180)  23.230 ms  17.892 ms *

  * * *

  * * *

  * 193.251.247.14 (193.251.247.14)  16.104 ms *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *


Apache2 log after access with my 4G IP:



90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1"


Command who output after logging in with my 4G IP:



alex     pts/0        2019-02-07 09:35 (192.168.1.254)

alex     pts/1        2019-02-07 09:16 (62.37.40.224)

alex     pts/2        2019-02-07 10:19 (62.37.40.224)

alex     pts/3        2019-02-07 10:44 (62.37.40.224)





networking ubuntu router ip adsl







share|improve this question

























  • Have you had someone else try to connect? Cause any connections from you would be from your ip address... your ip address would be both the destination (which then gets NATed to the internal network ip of the server) and the source.

    – Cliff Armstrong
    Feb 7 at 9:40






  • 1





    As @CliffArmstrong has suggested... a basic test would be to use your mobile phone 3G/4G and visit your website/log on to your SSH and then check the logs to see if your 3G/4G IP address is logged...

    – Kinnectus
    Feb 7 at 9:47











  • Originally posted at askubuntu.com/questions/1116327/…, see also the comments there.

    – Melebius
    Feb 7 at 9:49








  • 2





    90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" Oh yes, if I get into my web page from my 4G IP address it shows it... Why doesn't it show it when I log in with my univeristy proxy?

    – xBeiker
    Feb 7 at 10:22











  • @xBeiker Have you also tried SSH from the phone (e.g. using Termius)?

    – Melebius
    Feb 7 at 10:39


















1















Recently I started using my old desktop computer as a server, I installed Ubuntu server 18.04 and it's now connected to my router (Huawei HG532s). I also have a web page (Only for testing) and an SSH server to log in and monitor the server from anywhere (obvious) and the problem comes now:



I have the server connected to the router and the router (ADSL) is connected to the internet. I have set up the router to forward any request that wants to connect via port 80 or 22 to the private IP of the server. And now, whenever someone connects to my web server, the access logs shows me that all petitions are coming from the same IP (My public IP) and same with SSH, whenever I connect to my server, when I type the command who it shows me I'm connected from my public IP.
I know that problem it's because it's my router who is forwarding the packaged and requests but I would like to know if there is any kind of "solution" to this so I'm able to actually know who is establishing a connection to my server.



Thanks in advice and sorry if I misspelled, trying my best to write this correctly.



Output of who command:



alex@ubuntu:~$ who

alex    pts/0     2019-02-07 07:22 (62.37.40.224)

alex    pts/1     2019-02-07 07:22 (62.37.40.224)


Output of the traceroute command to my server's IP from my university’s network:



traceroute to 62.37.40.224 (62.37.40.224), 30 hops max, 60 byte packets

   192.168.212.254 (192.168.212.254)  3.004 ms  2.972 ms  2.947 ms

   172.29.34.1 (172.29.34.1)  7.755 ms  7.736 ms  7.686 ms

   1.red-81-46-16.customer.static.ccgg.telefonica.net (81.46.16.1)  7.662 ms  7.621 ms  7.584 ms

   217.red-217-124-114.static.ccgg.telefonica.net (217.124.114.217)  15.257 ms 217.124.112.37 (217.124.112.37)  20.113 ms 217.124.114.217 (217.124.114.217)  20.108 ms

   * * *

   157.red-80-58-84.staticip.rima-tde.net (80.58.84.157)  14.988 ms  15.931 ms  15.895 ms

   145.red-80-58-97.staticip.rima-tde.net (80.58.97.145)  15.865 ms * *

   80.58.106.58 (80.58.106.58)  14.724 ms  14.712 ms  14.687 ms

   241.red-80-58-88.staticip.rima-tde.net (80.58.88.241)  14.661 ms  14.635 ms  14.615 ms

  10.21.0.1 (10.21.0.1)  14.565 ms  14.475 ms  20.228 ms

  10.21.0.2 (10.21.0.2)  20.180 ms  20.143 ms  20.111 ms

  172.27.111.22 (172.27.111.22)  15.212 ms  15.175 ms  15.005 ms

  172.27.111.51 (172.27.111.51)  14.931 ms  14.818 ms  14.807 ms

  172.27.111.126 (172.27.111.126)  14.797 ms  14.776 ms  14.762 ms

  172.27.111.10 (172.27.111.10)  19.592 ms  16.708 ms  16.622 ms

  193.152.56.1 (193.152.56.1)  19.503 ms  19.474 ms  19.407 ms

  80.58.72.149 (80.58.72.149)  19.399 ms  19.356 ms  19.292 ms

  * * *

  * * *

  216.184.113.180 (216.184.113.180)  23.230 ms  17.892 ms *

  * * *

  * * *

  * 193.251.247.14 (193.251.247.14)  16.104 ms *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *


Apache2 log after access with my 4G IP:



90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1"


Command who output after logging in with my 4G IP:



alex     pts/0        2019-02-07 09:35 (192.168.1.254)

alex     pts/1        2019-02-07 09:16 (62.37.40.224)

alex     pts/2        2019-02-07 10:19 (62.37.40.224)

alex     pts/3        2019-02-07 10:44 (62.37.40.224)





networking ubuntu router ip adsl







share|improve this question

























  • Have you had someone else try to connect? Cause any connections from you would be from your ip address... your ip address would be both the destination (which then gets NATed to the internal network ip of the server) and the source.

    – Cliff Armstrong
    Feb 7 at 9:40






  • 1





    As @CliffArmstrong has suggested... a basic test would be to use your mobile phone 3G/4G and visit your website/log on to your SSH and then check the logs to see if your 3G/4G IP address is logged...

    – Kinnectus
    Feb 7 at 9:47











  • Originally posted at askubuntu.com/questions/1116327/…, see also the comments there.

    – Melebius
    Feb 7 at 9:49








  • 2





    90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" Oh yes, if I get into my web page from my 4G IP address it shows it... Why doesn't it show it when I log in with my univeristy proxy?

    – xBeiker
    Feb 7 at 10:22











  • @xBeiker Have you also tried SSH from the phone (e.g. using Termius)?

    – Melebius
    Feb 7 at 10:39














1












1








1








Recently I started using my old desktop computer as a server, I installed Ubuntu server 18.04 and it's now connected to my router (Huawei HG532s). I also have a web page (Only for testing) and an SSH server to log in and monitor the server from anywhere (obvious) and the problem comes now:



I have the server connected to the router and the router (ADSL) is connected to the internet. I have set up the router to forward any request that wants to connect via port 80 or 22 to the private IP of the server. And now, whenever someone connects to my web server, the access logs shows me that all petitions are coming from the same IP (My public IP) and same with SSH, whenever I connect to my server, when I type the command who it shows me I'm connected from my public IP.
I know that problem it's because it's my router who is forwarding the packaged and requests but I would like to know if there is any kind of "solution" to this so I'm able to actually know who is establishing a connection to my server.



Thanks in advice and sorry if I misspelled, trying my best to write this correctly.



Output of who command:



alex@ubuntu:~$ who

alex    pts/0     2019-02-07 07:22 (62.37.40.224)

alex    pts/1     2019-02-07 07:22 (62.37.40.224)


Output of the traceroute command to my server's IP from my university’s network:



traceroute to 62.37.40.224 (62.37.40.224), 30 hops max, 60 byte packets

   192.168.212.254 (192.168.212.254)  3.004 ms  2.972 ms  2.947 ms

   172.29.34.1 (172.29.34.1)  7.755 ms  7.736 ms  7.686 ms

   1.red-81-46-16.customer.static.ccgg.telefonica.net (81.46.16.1)  7.662 ms  7.621 ms  7.584 ms

   217.red-217-124-114.static.ccgg.telefonica.net (217.124.114.217)  15.257 ms 217.124.112.37 (217.124.112.37)  20.113 ms 217.124.114.217 (217.124.114.217)  20.108 ms

   * * *

   157.red-80-58-84.staticip.rima-tde.net (80.58.84.157)  14.988 ms  15.931 ms  15.895 ms

   145.red-80-58-97.staticip.rima-tde.net (80.58.97.145)  15.865 ms * *

   80.58.106.58 (80.58.106.58)  14.724 ms  14.712 ms  14.687 ms

   241.red-80-58-88.staticip.rima-tde.net (80.58.88.241)  14.661 ms  14.635 ms  14.615 ms

  10.21.0.1 (10.21.0.1)  14.565 ms  14.475 ms  20.228 ms

  10.21.0.2 (10.21.0.2)  20.180 ms  20.143 ms  20.111 ms

  172.27.111.22 (172.27.111.22)  15.212 ms  15.175 ms  15.005 ms

  172.27.111.51 (172.27.111.51)  14.931 ms  14.818 ms  14.807 ms

  172.27.111.126 (172.27.111.126)  14.797 ms  14.776 ms  14.762 ms

  172.27.111.10 (172.27.111.10)  19.592 ms  16.708 ms  16.622 ms

  193.152.56.1 (193.152.56.1)  19.503 ms  19.474 ms  19.407 ms

  80.58.72.149 (80.58.72.149)  19.399 ms  19.356 ms  19.292 ms

  * * *

  * * *

  216.184.113.180 (216.184.113.180)  23.230 ms  17.892 ms *

  * * *

  * * *

  * 193.251.247.14 (193.251.247.14)  16.104 ms *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *


Apache2 log after access with my 4G IP:



90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1"


Command who output after logging in with my 4G IP:



alex     pts/0        2019-02-07 09:35 (192.168.1.254)

alex     pts/1        2019-02-07 09:16 (62.37.40.224)

alex     pts/2        2019-02-07 10:19 (62.37.40.224)

alex     pts/3        2019-02-07 10:44 (62.37.40.224)





networking ubuntu router ip adsl







share|improve this question
















Recently I started using my old desktop computer as a server, I installed Ubuntu server 18.04 and it's now connected to my router (Huawei HG532s). I also have a web page (Only for testing) and an SSH server to log in and monitor the server from anywhere (obvious) and the problem comes now:



I have the server connected to the router and the router (ADSL) is connected to the internet. I have set up the router to forward any request that wants to connect via port 80 or 22 to the private IP of the server. And now, whenever someone connects to my web server, the access logs shows me that all petitions are coming from the same IP (My public IP) and same with SSH, whenever I connect to my server, when I type the command who it shows me I'm connected from my public IP.
I know that problem it's because it's my router who is forwarding the packaged and requests but I would like to know if there is any kind of "solution" to this so I'm able to actually know who is establishing a connection to my server.



Thanks in advice and sorry if I misspelled, trying my best to write this correctly.



Output of who command:



alex@ubuntu:~$ who

alex    pts/0     2019-02-07 07:22 (62.37.40.224)

alex    pts/1     2019-02-07 07:22 (62.37.40.224)


Output of the traceroute command to my server's IP from my university’s network:



traceroute to 62.37.40.224 (62.37.40.224), 30 hops max, 60 byte packets

   192.168.212.254 (192.168.212.254)  3.004 ms  2.972 ms  2.947 ms

   172.29.34.1 (172.29.34.1)  7.755 ms  7.736 ms  7.686 ms

   1.red-81-46-16.customer.static.ccgg.telefonica.net (81.46.16.1)  7.662 ms  7.621 ms  7.584 ms

   217.red-217-124-114.static.ccgg.telefonica.net (217.124.114.217)  15.257 ms 217.124.112.37 (217.124.112.37)  20.113 ms 217.124.114.217 (217.124.114.217)  20.108 ms

   * * *

   157.red-80-58-84.staticip.rima-tde.net (80.58.84.157)  14.988 ms  15.931 ms  15.895 ms

   145.red-80-58-97.staticip.rima-tde.net (80.58.97.145)  15.865 ms * *

   80.58.106.58 (80.58.106.58)  14.724 ms  14.712 ms  14.687 ms

   241.red-80-58-88.staticip.rima-tde.net (80.58.88.241)  14.661 ms  14.635 ms  14.615 ms

  10.21.0.1 (10.21.0.1)  14.565 ms  14.475 ms  20.228 ms

  10.21.0.2 (10.21.0.2)  20.180 ms  20.143 ms  20.111 ms

  172.27.111.22 (172.27.111.22)  15.212 ms  15.175 ms  15.005 ms

  172.27.111.51 (172.27.111.51)  14.931 ms  14.818 ms  14.807 ms

  172.27.111.126 (172.27.111.126)  14.797 ms  14.776 ms  14.762 ms

  172.27.111.10 (172.27.111.10)  19.592 ms  16.708 ms  16.622 ms

  193.152.56.1 (193.152.56.1)  19.503 ms  19.474 ms  19.407 ms

  80.58.72.149 (80.58.72.149)  19.399 ms  19.356 ms  19.292 ms

  * * *

  * * *

  216.184.113.180 (216.184.113.180)  23.230 ms  17.892 ms *

  * * *

  * * *

  * 193.251.247.14 (193.251.247.14)  16.104 ms *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *

  * * *


Apache2 log after access with my 4G IP:



90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1"


Command who output after logging in with my 4G IP:



alex     pts/0        2019-02-07 09:35 (192.168.1.254)

alex     pts/1        2019-02-07 09:16 (62.37.40.224)

alex     pts/2        2019-02-07 10:19 (62.37.40.224)

alex     pts/3        2019-02-07 10:44 (62.37.40.224)





networking ubuntu router ip adsl




networking ubuntu router ip adsl






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 7 at 12:10









Melebius

6771925




6771925










asked Feb 7 at 9:37









xBeikerxBeiker

63




63













  • Have you had someone else try to connect? Cause any connections from you would be from your ip address... your ip address would be both the destination (which then gets NATed to the internal network ip of the server) and the source.

    – Cliff Armstrong
    Feb 7 at 9:40






  • 1





    As @CliffArmstrong has suggested... a basic test would be to use your mobile phone 3G/4G and visit your website/log on to your SSH and then check the logs to see if your 3G/4G IP address is logged...

    – Kinnectus
    Feb 7 at 9:47











  • Originally posted at askubuntu.com/questions/1116327/…, see also the comments there.

    – Melebius
    Feb 7 at 9:49








  • 2





    90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" Oh yes, if I get into my web page from my 4G IP address it shows it... Why doesn't it show it when I log in with my univeristy proxy?

    – xBeiker
    Feb 7 at 10:22











  • @xBeiker Have you also tried SSH from the phone (e.g. using Termius)?

    – Melebius
    Feb 7 at 10:39



















  • Have you had someone else try to connect? Cause any connections from you would be from your ip address... your ip address would be both the destination (which then gets NATed to the internal network ip of the server) and the source.

    – Cliff Armstrong
    Feb 7 at 9:40






  • 1





    As @CliffArmstrong has suggested... a basic test would be to use your mobile phone 3G/4G and visit your website/log on to your SSH and then check the logs to see if your 3G/4G IP address is logged...

    – Kinnectus
    Feb 7 at 9:47











  • Originally posted at askubuntu.com/questions/1116327/…, see also the comments there.

    – Melebius
    Feb 7 at 9:49








  • 2





    90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" Oh yes, if I get into my web page from my 4G IP address it shows it... Why doesn't it show it when I log in with my univeristy proxy?

    – xBeiker
    Feb 7 at 10:22











  • @xBeiker Have you also tried SSH from the phone (e.g. using Termius)?

    – Melebius
    Feb 7 at 10:39

















Have you had someone else try to connect? Cause any connections from you would be from your ip address... your ip address would be both the destination (which then gets NATed to the internal network ip of the server) and the source.

– Cliff Armstrong
Feb 7 at 9:40





Have you had someone else try to connect? Cause any connections from you would be from your ip address... your ip address would be both the destination (which then gets NATed to the internal network ip of the server) and the source.

– Cliff Armstrong
Feb 7 at 9:40




1




1





As @CliffArmstrong has suggested... a basic test would be to use your mobile phone 3G/4G and visit your website/log on to your SSH and then check the logs to see if your 3G/4G IP address is logged...

– Kinnectus
Feb 7 at 9:47





As @CliffArmstrong has suggested... a basic test would be to use your mobile phone 3G/4G and visit your website/log on to your SSH and then check the logs to see if your 3G/4G IP address is logged...

– Kinnectus
Feb 7 at 9:47













Originally posted at askubuntu.com/questions/1116327/…, see also the comments there.

– Melebius
Feb 7 at 9:49







Originally posted at askubuntu.com/questions/1116327/…, see also the comments there.

– Melebius
Feb 7 at 9:49






2




2





90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" Oh yes, if I get into my web page from my 4G IP address it shows it... Why doesn't it show it when I log in with my univeristy proxy?

– xBeiker
Feb 7 at 10:22





90.174.4.159 - - [07/Feb/2019:10:20:24 +0000] "GET / HTTP/1.1" 200 774 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1" Oh yes, if I get into my web page from my 4G IP address it shows it... Why doesn't it show it when I log in with my univeristy proxy?

– xBeiker
Feb 7 at 10:22













@xBeiker Have you also tried SSH from the phone (e.g. using Termius)?

– Melebius
Feb 7 at 10:39





@xBeiker Have you also tried SSH from the phone (e.g. using Termius)?

– Melebius
Feb 7 at 10:39










1 Answer
1






active

oldest

votes


















2














If I understand your question correctly, this will be a problem with the way your router is handling inbound connections. It appears to be proxying them or translating the source address as well as the destination - when it.should.only be doing the latter.






share|improve this answer


























  • I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

    – xBeiker
    Feb 7 at 10:52













  • What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

    – davidgo
    Feb 7 at 18:16











  • But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

    – xBeiker
    Feb 7 at 19:58






  • 1





    You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

    – davidgo
    Feb 7 at 20:20






  • 1





    Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

    – xBeiker
    Feb 7 at 20:52












Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403052%2fhow-do-i-really-know-who-is-accessing-my-server%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














If I understand your question correctly, this will be a problem with the way your router is handling inbound connections. It appears to be proxying them or translating the source address as well as the destination - when it.should.only be doing the latter.






share|improve this answer


























  • I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

    – xBeiker
    Feb 7 at 10:52













  • What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

    – davidgo
    Feb 7 at 18:16











  • But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

    – xBeiker
    Feb 7 at 19:58






  • 1





    You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

    – davidgo
    Feb 7 at 20:20






  • 1





    Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

    – xBeiker
    Feb 7 at 20:52
















2














If I understand your question correctly, this will be a problem with the way your router is handling inbound connections. It appears to be proxying them or translating the source address as well as the destination - when it.should.only be doing the latter.






share|improve this answer


























  • I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

    – xBeiker
    Feb 7 at 10:52













  • What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

    – davidgo
    Feb 7 at 18:16











  • But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

    – xBeiker
    Feb 7 at 19:58






  • 1





    You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

    – davidgo
    Feb 7 at 20:20






  • 1





    Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

    – xBeiker
    Feb 7 at 20:52














2












2








2







If I understand your question correctly, this will be a problem with the way your router is handling inbound connections. It appears to be proxying them or translating the source address as well as the destination - when it.should.only be doing the latter.






share|improve this answer















If I understand your question correctly, this will be a problem with the way your router is handling inbound connections. It appears to be proxying them or translating the source address as well as the destination - when it.should.only be doing the latter.







share|improve this answer














share|improve this answer



share|improve this answer








edited Feb 8 at 18:45









GAD3R

2,4421226




2,4421226










answered Feb 7 at 10:44









davidgodavidgo

45k75392




45k75392













  • I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

    – xBeiker
    Feb 7 at 10:52













  • What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

    – davidgo
    Feb 7 at 18:16











  • But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

    – xBeiker
    Feb 7 at 19:58






  • 1





    You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

    – davidgo
    Feb 7 at 20:20






  • 1





    Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

    – xBeiker
    Feb 7 at 20:52



















  • I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

    – xBeiker
    Feb 7 at 10:52













  • What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

    – davidgo
    Feb 7 at 18:16











  • But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

    – xBeiker
    Feb 7 at 19:58






  • 1





    You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

    – davidgo
    Feb 7 at 20:20






  • 1





    Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

    – xBeiker
    Feb 7 at 20:52

















I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

– xBeiker
Feb 7 at 10:52







I've updated the post (at the end) to show the output of who when I log in with my 4G IP and the access log of apache2 in case it helps...

– xBeiker
Feb 7 at 10:52















What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

– davidgo
Feb 7 at 18:16





What ypu have provided in your update shows everythings is correct, and your router is not ptoxying or rewriting source addresses. Without some kind of authentication or tie-in with a third party, the best you csn get is the remote parties purported IP address, ehivh is coming yhtough uniquely as per your tests.

– davidgo
Feb 7 at 18:16













But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

– xBeiker
Feb 7 at 19:58





But whenever someone logs in via SSH it's not showing me his IP address, it's showing my own public IP adress

– xBeiker
Feb 7 at 19:58




1




1





You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

– davidgo
Feb 7 at 20:20





You can. The problem exists on the router, so you would need to fix it theore (or if it is not fixable there, replace the router). You may also be able to work arround it by changing the port SSH listens on - especially SSH runs on the router. Another solution would be to use a VPN to connect to the box, and then SSH over that - which is a more secure solution as well.

– davidgo
Feb 7 at 20:20




1




1





Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

– xBeiker
Feb 7 at 20:52





Now that you mention it, I forgot to explain that I use both 22 and 443 ports to access via SSH since my university's proxy has port 22 unaccesible, but when I use it on my phone I'm using the 22 port and it shows the same

– xBeiker
Feb 7 at 20:52


















draft saved

draft discarded




















































Thanks for contributing an answer to Super User!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1403052%2fhow-do-i-really-know-who-is-accessing-my-server%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Plaza Victoria

Image
Plaza Victoria Plaza Victoria en 2017 Otros nombres Plaza de La Victoria Localización El Almendral, Valparaíso, Chile Vías adyacentes Chacabuco, Molina, Plaza Victoria y Edwards Creación 1841 Metro Bellavista Ubicación 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 Coordenadas: 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 [editar datos en Wikidata] La Plaza Victoria , también llamada Plaza de la Victoria , [ 1 ] ​ es una plaza ubicada en el sector El Almendral del plan de la ciudad de Valparaíso, Chile, de importancia patrimonial, que incluye valiosas estatuas y especies vegetales. [ 2 ] ​ La plaza se creó como tal en la primera mitad del siglo XIX, tomando previamente los nombres de Plaza Nueva y Plaza de Orrego . Si bien desde sus inicios tuvo relevancia histórica, no fue sino a partir de fines de los años 1860 cuando comenzó a cobrar mayor importancia y se convirtió en uno de los principales centros sociales de l
Read more

In PowerPoint, is there a keyboard shortcut for bulleted / numbered list?

Image
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 OneNote has two useful keyboard shortcuts for bulleted and numbered lists, namely Ctrl + . and Ctrl + - . Is there something similar for PowerPoint where the work with lists is also very common? Haven't found anything here: Use keyboard shortcuts in PowerPoint. keyboard-shortcuts microsoft-powerpoint share | improve this question edited Aug 14 '14 at 14:49 Linger 2,826 10 28 40
Read more

How to put 3 figures in Latex with 2 figures side by side and 1 below these side by side images but in...

Image
1 0 I want to put 3 images in LateX such as 2 figures are side by side horizotally and 3rd figure below these 2 side by side figures but in middle. I have following code: begin{figure}[H] centering begin{minipage}{.5textwidth} centering includegraphics[width=.50linewidth]{Text/Images/Genelec_8010_AP.jpg} captionof{figure}{Genelec 8010 AP} label{fig:Genelec 8010} end{minipage}% begin{minipage}{.5textwidth} centering includegraphics[width=.69linewidth]{Text/Images/Genelec_8020_CPM.jpg} captionof{figure}{Genelec 8020 CPM} label{fig:Genelec 8020} end{minipage}% end{figure} %%Here is my 3rd picture code begin{figure} centering includegraphics[width=5cm]{Text/Images/Genelec_8030_BPM.jpg} caption{Genelec 8030 BPM} label{fig:Genelec 8030} end{figure} I want to ask ho
Read more