|
Posted by Gustavo Narea on 10/21/03 11:31
Thanks for the explanation, Richard.
I'll definitely take it into account.
So, let's distrust *everything*.
Best regards.
Richard Lynch wrote:
> On Tue, November 8, 2005 9:43 am, Gustavo Narea wrote:
>
>> *Distrust everything coming from your users,
>> even their user agents*
>>
>> *If you make your scripts taking this into account,
>> they'll be pretty secure*
>>
>>
>>Actually, I believe that the one thing you can trust in, is their IP
>>addresses. Isn't it?
>
>
> No!
>
> IP is useless for identification or authentication of the general
> web-surfer:
> Users behind firwalls will all appear to be from one (1) IP
> AOL users change IPs faster than drummers change underwear
>
> But even in the more restricted case of an IP you "know" will never
> change (e.g.: intranet application), that IP can be spoofed, by a
> knowlegable person.
>
> And/or traffic to/from that IP can be targetted and examined.
>
> The user's IP address is a useless bit of fluff you should ignore at
> all times if you REALLY care about security.
>
> This is not to say it's not TOTALLY useless...
>
> You might, for example, allow developers from 192.168.*.* to surf to
> your http://php.net/phpinfo page on a development box. After all, if
> somebody has already broken through enough walls to surf to it, and
> mask their IP as 192.168.*.*, you probably already have MUCH bigger
> problems than them seeing phpinfo() output...
>
> It would be BETTER to require a password of some kind, but it's not
> totally wack to just use $_SERVER['REMOTE_ADDR'] for this.
>
> You can use IP for statistical analysis of visits/visitors and be
> reasonably certain that MOST of the IP addresses are "accurate" and
> "semi-static" for a crude visitor/traffic monitoring, but knowing that
> a certain percentage of error is inherent to that data -- more like an
> opinion poll than anything.
>
--
Best regards,
Gustavo Narea.
PHP Documentation - Spanish Translation Team.
Valencia, Venezuela.
[Back to original message]
|