Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (athena.apache.org: domain of john.iliffe@iliffe.ca
 designates 206.248.138.118 as permitted sender)
From: John Iliffe <john.iliffe@iliffe.ca>
To: users@httpd.apache.org
In-Reply-To: <4AFAB407.8080908@netscape.net>
References: <20091110.212945.21254.0@webmail15.vgs.untd.com>
	 <4AFA7B64.9060501@ice-sa.com>  <4AFAB407.8080908@netscape.net>
Content-Type: text/plain; charset=utf-8
Date: Wed, 11 Nov 2009 12:24:37 -0500
Message-Id: <1257960277.972.10.camel@linuxprod2>
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: [users@httpd] Re: Spam:*****, Re: [users@httpd]

On Wed, 2009-11-11 at 14:54 +0200, Kaya Saman wrote:
> Andr=C3=A9 Warnier wrote:
> > Stephen Love wrote:
> >> Ok, now we're getting somewhere... just ENOUGH to eliminate the path=20
> >> inbetween... I'd just like to ask APACHE for a unique signature of=20
> >> the machine sending the message to compare it against others. Nothing=20
> >> more, nothing less.
> >>
> >>
> >> See us online at http://www.LOVEnCompany.com.
> >>
> > Well, it looks like this list already gave you all the possible=20
> > human-level help. If that does not solve your problem, maybe you=20
> > should ask for some higher-level intervention.
> >
> >
> >
> Please check the OSI systems stack for further information which is=20
> directly compatible with the TCP/IP system's stack - in fact it's kind=20
> of an expanded version that all network engineers use!!
>=20
> Basically in the underlying network components you have physical, media=20
> access, and network layers (1-3); layers 4-7 usually deal with the=20
> computers themselves which start from ports and go to the apps themselves=
.
>=20
> Now layer 2, at least true for Ethernet means that the MAC address of=20
> the system is only point to point between machine and switch port, after=20
> that things change. Layer 3 is convoluted by the intervention of NAT or=20
> proxy so the only thing you are likely to get is the WAN IP address of=20
> the network.
>=20
> Unique identifiers are impossible, even using Cisco's proprietary CDP=20
> (cisco discovery protocol) which discoverers neighboring Cisco devices=20
> cannot go beyond next hop device as uses layer 2 addressing as reference!=
!!
>=20
> The only way I suppose in theory one could do what you are after is for=20
> the user to download a little app that has a unique signature and=20
> broadcasts the full system info according to that. So at least with the=20
> client part of the program you could have say 1 x 10^50 unique=20
> signatures generated by a shell script or program then link them to a=20
> server somewhere...... I do believe this is called spyware though and is=20
> highly illegal!!!
>=20
> In all honesty I think the best way is going through webalizer, GeoIP,=20
> awstats, or Ntop!!! And if going through reverse proxy with Squid like=20
> me; unlike me you can form the logs of Squid in a different way and=20
> hence forward those to Apache, then get Apache to read those 'different'=20
> logs so that you have the correct data collection available to you.......=
.
> As far as I know of this would be about the only way to go! At least you=20
> get the WAN IP of the remote network and can collect and collate=20
> geographic locational information and also ISP info too :-)
>=20
> Without using divine power or alien intervention.......
>=20
>=20
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project=
.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>=20
Isn't this being discussed in the wrong forum?

What is ***looks*** like is that you have a class of computers that you
need to query to find out which one sent the message/packet/transaction
or whatever.  This is the classic case for a digital signature.

The group has to be reasonably finite since you need to have a public
key for each computer that you need to authenticate.  Then send
something in each packet that has to be encrypted under the senders
private key.  You can authenticate that it came from that sender by
decrypting under its public key.  If the result is the original token,
then you can be reasonably certain where the message originated.

John


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org