cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
New Contributor

Are there flaws in using "Client IP" to determine where the client is located?

I'm using http://ip-api.com/csv/ in a Google worksheet formula to pull up geolocation data about IP addresses listed in the Activity Log. The result includes a bunch of info about the IP address (e.g., country, city, state, zip code, longitude and latitude, etc.), though the city/state is usually enough.  I've compared the results of ip-api.com to other sites that show geolocation info about an IP and it seems to be accurate.

 

Upon looking at a recent Activity Report for all of 2017 I see that one PC appears in the report as being frequently accessed from a few local IP addresses, when in reality the user of that PC rarely if ever uses GoToMyPC while in town. Yet the IP address for this user's second home in a distant city appears in the report only 4 times in all of 2017, even though he uses GotomyPC extensively while there.

 

I figured that if Google uses IP Location as a means of detecting "unauthorized activity" IP geolocation must have some validity, but the geolocation results for this particular PC are the opposite of what I would expect.

 

How reliable is the "Client IP" shown in the Access Activity report?  (note that the aforementioned user runs GotomyPC on a desktop PC in his second home, connected to the Internet via Time Warner Cable, so we're not dealing with cell phone or tablet access.)

 

How reliable is geolocation information one can get about an IP address?

Tags (1)
6 REPLIES
New Contributor

Re: Are there flaws in using "Client IP" to determine where the client is located?

In the absence of any replies I called GoToMyPC support again and this time reached a sharp and responsive agent. He said that after the merger the "Client IP" address became buggy and often reported invalid addresses. He connected to a 3rd tier agent and we tried a few of the addresses I thought made no sense. They all turned out to be addresses belonging to Cloudflare, which hosts their service. That's an example of the kind of errors they were seeing. They assert that as of November 2017 the bugs were fixed, though they could see in my case it continued into late November. But as of December 2017 the IP addresses in my report are correct.
Active Contributor

Re: Are there flaws in using "Client IP" to determine where the client is located?

I had a minor heart attack this morning when by happenstance I checked the "session performance" log for a station in GoToMyPC and noticed connections from an IP address I was not familiar with.  My initial concern was that someone had gained access to both my GoToMyPC account and station logins and was spending quality time probing my clients.  But a random checking of the logs suggested that the access times were consistent with when legitimate connections would have occurred.  My second fear was that my network had been hacked and all my IP traffic was being re-routed through a sniffer proxy.  But further investigation verified that was not the case.

Investigating the mystery IP address, I found that it belonged to Cloudflare, which I knew to be a backbone provider connected to LogMeIn.  That made me feel a little better.  The interesting thing was that the geolocation on the address showed it to be at the Colorado State capitol in Denver!  (http://geoiplookup.net/ip/172.68.34.85)  Is the State of Colorado spying on me?  Or does Cloudflare have a switch facility in the basement?  Weird, and still not comforting.

Through a little more experimenting, I discovered the following:  If you log into GoToMyPC through the standard website, your actual public IP address is what gets recorded as it should.  However, I have shortcuts created for the systems I access on a regular basis.  When I access client systems via the shortcuts (bypassing the web interface) then it records 172.68.34.85 in the log.

 

Okay, I feel a bit better now, except that I occasionally rely upon the performance log to see who has logged in where.  If it's going to log this address instead of the actual one, then this function becomes nearly useless.

I'd feel better if I could get a definitive answer on why this is happening, and if it’s going to be rectified.

 

LogMeIn Manager

Re: Are there flaws in using "Client IP" to determine where the client is located?

Hi John,

I will research this further and get back to sometime next week.
Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Active Contributor

Re: Are there flaws in using "Client IP" to determine where the client is located?

Any traction on this question?

LogMeIn Manager

Re: Are there flaws in using "Client IP" to determine where the client is located?

Hi John,

 

I apologize for the wait. Our product team are looking into this, what they have found so far is that connections made using a desktop shortcut are being reported with Cloudflare IP addresses. If you sign into the account on the website or use a mobile app to initiate the session, the correct client IP address will be reported. The team is looking into a fix.

Glenn is a member of the LogMeIn Community Care Team.

Was your question answered? Please mark it as an Accepted Solution.
Was a post helpful or informative? Give it a Kudo!
Active Contributor

Re: Are there flaws in using "Client IP" to determine where the client is located?

That's pretty much what I discovered.  Thanks for the reply, and please let me know when there's a resolultion to this.