httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ryan A"...@jumac.com>
Subject Re: [users@httpd] OT-Getting info and DAP etc clients
Date Sat, 11 Jan 2003 23:53:23 GMT
Hi All,
Thanks guys, but basically it all comes down to,
if i was "big brother" how much can i know about a single client/login?

If i know that i can use something like
if (userip=blah) and (cookie=true) and (session=true) and
(computername=blah?) and etc etc etc

that would make it mighty hard for someone to forge wouldnt it? the more
fields i define the harder to forge...

All replies appreciated....
Cheers,
-Ryan.


----- Original Message -----
From: "J. Greenlees" <jaqui@shaw.ca>
To: <users@httpd.apache.org>
Sent: Saturday, January 11, 2003 10:56 PM
Subject: Re: [users@httpd] OT-Getting info and DAP etc clients


> Ryan,
> you can't rely on ip numbers with a lot of isp's using dynamic ips.
> every time a user connects they have a different ip.
> there are a number of portal sites written in php that work at keeping
> password sharing down. the most effective method for them is sessions.
> ( though none seem to use sessions completely. )
> a better way to go, if you are talking archives, is locking the archive
> and emailing password to unlock it when they download it.
>
> the ip is always included in the headers, but not always the users ip,
> it can be from a router or proxy server instead.
>
> Ryan A wrote:
> > Hi,
> > I am trying to make a small software piece in perl/PHP for apache which
> > will record users when they enter the members area to catch password
> > sharing...
> > I have already been able to record their ip address but i would like to
> > know what else can i get?
> > eg:
> > computer name?
> >
> > second question is, when DAP or other download clients download from a
> > website, do they give out the IP from where they are coming from? am
> > confused on that and couldnt find the answer on google....
> >
> > Any help appreciated.
> > Cheers,
> > -Ryan A.
> >
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message