Re: What is you IP ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, July 12, 2006 8:29 pm, Roger Thomas wrote:
> I want to filter IP addresses. I noticed that my script catches IP
> addresses that looks like they came from the internal LAN, ie
> 192.x.x.x and 10.x.x.x
>
> My script catched those IPs by $_SERVER['REMOTE_ADDR']. Am I not being
> able to catch IPs from transparent proxies that a user's ISP might
> use? Would $_SERVER['HTTP_X_FORWARDED_FOR'] be better ? Reasons ?

Since the whole point of a transparent proxy is to hide the IP address
from you, then, yes, you can't get at that IP address.

And, if you could, then it wouldn't matter much, as AOL users change
IP addresses faster than a drummer changes his underwear.

Furthermore, proxies will "mask" all the users behind a single IP --
So, for example, *ALL* IBM employees, and they are legion, could, in
theory, have the "same" IP address as far as your web application is
concerned.

IP address is only useful in a couple instances.

When you control the IP address and routers in the chain to be sure
that the IP is correct, you can use it as a security layer to allow
access only from one specific IP address.  Bad Guys can forge IP
addresses, but it's non-trivial, and routing the traffic to make it be
useful to them is even more-so.

IP address as a single indicator in a multi-faceted heuristic estimate
that a "user" is the "same" as previous user is not completely
useless, but you'd be better off just requiring a login unless you
have some very serious infrastructure ready to leap into action on
this task.

-- 
Like Music?
http://l-i-e.com/artists.htm

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux