Re: get ip

"Randy Webb" <HikksNotAtHome@xxxxxxx> wrote in message
news:68GdneO5fYOwLMzfRVn-1Q@xxxxxxxxxxxxxx
| Philippe l. Balmanno wrote:
| > Randy Webb" <HikksNotAtHome@xxxxxxx> wrote in message
| > news:faOdneYQT87_GM3fRVn-hw@xxxxxxxxxxxxxx
| > | Philippe l. Balmanno wrote:
| > | > "Randy Webb" <HikksNotAtHome@xxxxxxx> wrote in message
| > | > news:ft6dnc6UNfv7ltLfRVn-pQ@xxxxxxxxxxxxxx
| > | > | Philippe l. Balmanno wrote:
| > | > | > So you read it.
|
| <--snip-->
|
| > Three things are evident:
| > 1) You didn't read my posts because I never mentioned security.
|
| Let me quote your second reply:
|
| <quote>
| So you read it. And I assume are dismissing the relevance to
security
| scans all-be-it if the access is through a proxy then there is no
way
| to get the originating IP. I wonder if your objections to the OP
| seeking the info have an ulterior motive?
| </quote>
|
| I may have mis-read it (probably did) but you did mention security.
|
| > 2) You didn't read the short article in the link or we wouldn't
have
| > had this exchange and would have known how to identify a proxy
from
| > the article.
|
| Hmmm, so I am assuming you are not referring to this line of that
article:
|
| <quote>
| One other thing worth bearing in mind. If the user also accesses the
| internet via a Proxy server, then HTTP_X_FORWARDED_FOR will contain
the
| Proxy's IP address. If this is the case, there is no way to get the
| users 'real' IP address.
| </quote>
|
| And that has been precisely my point. There is no *reliable* way to
get
| a user's IP Address. And since you can't get it reliably, that makes
it
| *worthless*.
|
| > 3) You're a home user with out the ability to conceive why even
| > getting your router IP from the ISP side still identifies you.
|
| I gave my home setup as an example. A very simplified example. But,
you
| want an actual corporate scenario? Here goes:
|
| When I sit at my desk at work, and connect to a website (or rather I
| request it), it goes to the local intranet server for that location.
| From that server it is sent to the main intranet server for the
| platform that I am employed in. Then it is sent to the main intranet
for
| the entire corporation, based in New York City, USA, then *that*
server
| makes a simple request for the page. It is then returned back
through
| that path to my PC. All of that is providing that it meets the 4
levels
| of criteria that is required to access a website from a user
terminal.
|
| Now, please tell me how you intend to get the IP Address of my work
PC
| from your website? If, and only if, you can explain that to me will
I
| even consider an IP Address to be of any interest, which it isn't.
Or
| rather, it shouldn't be as it is worthless, unreliable, and useless.
|
| --
| Randy
| comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup
weekly



Let me quote your second reply:

<quote>
So you read it. And I assume are dismissing the relevance to security
scans all-be-it if the access is through a proxy then there is no way
to get the originating IP. I wonder if your objections to the OP
seeking the info have an ulterior motive?
</quote>

I may have mis-read it (probably did) but you did mention security.

Excuse me, I did mention the word but had the intention of conveying
verification in mind.
In other words comparing an IP to a list/db of authorized users.
As in I sign up as a member and my user ID, PWD and IP are recorded
for future verification.

Hmmm, so I am assuming you are not referring to this line of that
article:

<quote>
One other thing worth bearing in mind. If the user also accesses the
internet via a Proxy server, then HTTP_X_FORWARDED_FOR will contain
the
Proxy's IP address. If this is the case, there is no way to get the
users 'real' IP address.
</quote>

Yes, that's what I ment about "we wouldn't have
had this exchange and would have known how to identify a proxy from
the article." In no way did I say you are out of wack with your
point.
Just that there are some uses in IP verification.



"Now, please tell me how you intend to get the IP Address of my work
PC
from your website? If, and only if, you can explain that to me will I
even consider an IP Address to be of any interest, which it isn't. Or
rather, it shouldn't be as it is worthless, unreliable, and useless."

Well, if it is not a matter of verification against my business db of
authorized user/clients I don't care.
But if it is a matter of you committing a fraud on my business, after
I get your businesses IP I produce a SUBPOENA DUCES TECUM.


.

Relevant Pages

  • RE: Netcat through Proxy
    ... If there isn't a protocol filter on the proxy and the netcat server ... Subject: Netcat through Proxy ... > Security Identification Systems Corporation ...
    (Security-Basics)
  • [NT] Flaw in Winsock Proxy Service and ISA Firewall Service Can Cause Denial of Service
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Acceleration Server 2000 contain support for Windows Sockets ... proxy communications. ... communications requests for Internet applications in a Microsoft Windows ...
    (Securiteam)
  • Re: SBS V4.0
    ... Yes I thought so with proxy I have pointed out the ... >security patches. ... >act as a pop server. ...
    (microsoft.public.backoffice.smallbiz2000)
  • security-basics Digest of: get.123_145
    ... VPN to ASP a security risk? ... Re: Multiple IPSec tunnels? ... Subject: Security NT Server ... VPN to ASP a security risk? ...
    (Security-Basics)
  • << SBS News of the week - Sept 26 >>
    ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
    (microsoft.public.backoffice.smallbiz)