RE: Re: security question...??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You could always use a IE exploit to crash the browser, if they are still
requesting, you know they are not IE. ;)

Out of interest, what information are you planning on getting from the
browser?

Why can you not use certificates?

-----Original Message-----
From: bruce [mailto:bedouglas@xxxxxxxxxxxxx]
Sent: 21 June 2005 16:06
To: 'Rory Browne'; 'Matthew Weier O'Phinney'
Cc: php-general@xxxxxxxxxxxxx
Subject: RE:  Re: security question...??


*************************************

This e-mail has been received by the Revenue Internet e-mail service.

*************************************

if i'm the server app, and you tell me that you're IE, v.6, i'd like the
ability to somehow be able to gather information from you, such that i can
then check with msoft to see if your answers match what msoft claims the
answers should be. if you give wrong answers, i can then make a
determination as to whether i want to talk with you, or perhaps limit the
amount/type of information i allow you to access...

this kind of approach goes beyond the 'user/access string' and can actually
get to be rather difficult to spoof, or to break...

keep in mind, this is an off the top suggestion, i'm sure if someone spent
some time, there could be solutions that would be robust, doable, and
reasonably secure...

-bruce


-----Original Message-----
From: Rory Browne [mailto:rory.browne@xxxxxxxxx]
Sent: Tuesday, June 21, 2005 7:39 AM
To: Matthew Weier O'Phinney
Cc: php-general@xxxxxxxxxxxxx
Subject: Re:  Re: security question...??


On 6/21/05, Matthew Weier O'Phinney <matthew@xxxxxxxxxx> wrote:
> * "david forums" <dforums@xxxxxxxxxxx>:
> > Why don't you try to get interactivity with ID machin which is unique,
or
> > with mac address.
>
> MAC address wouldn't work if the user is behind a proxy.
I think you mean IP addresses. MAC's won't work if the user is behind
a router - which they generally are, unless you're on the same network
- ie on an Intranet, and even then.......


>
>
> --
> Matthew Weier O'Phinney           | WEBSITES:
> Webmaster and IT Specialist       | http://www.garden.org
> National Gardening Association    | http://www.kidsgardening.com
> 802-863-5251 x156                 | http://nationalgardenmonth.org
> mailto:matthew@xxxxxxxxxx         | http://vermontbotanical.org
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





************************

This message has been delivered to the Internet by the Revenue Internet e-mail service

*************************

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux