[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Edlug Archive Mar 2004 ]

Re: [edlug] Free Polling CGI's



X-Forwarded-For is highly spoofable, unless you trust the proxy.  But 
what about people genuinely using the same IP (surely someone in EdLUG 
has a multi-user OS... :).

Ben

On Thursday, 04 March 2004 16:59, Lee Kindness wrote:
> > [ can't quote due to incorrect msg encoding, don't ask how I viewed
> > it! ]
>
> Only allowing one vote from a single IP isn't the way forward
> though. For example all hosts at csl.co.uk appear to have the same IP
> and thus multiple members from these hosts wouldn't get a vote.
>
> Making use of the "X-Forwarded-For" HTTP header to differentiate
> between users with the "same IP" on different machines is a step
> forward. However I managed to bust this on the last poll by using my
> Linux box and a VMWare WinXP session running inside it (with a
> different IP)...
>
> Just pointing out the technicalities - not interested in the vote!!
>
> L.
> -
> ---------------------------------------------------------------------
>- You can find the EdLUG mailing list FAQ list at:
> http://www.edlug.org.uk/list_faq.html

-- 
Ben Soares                              	   tel:	+44 (0)131-651 1238
EDINA, Edinburgh University Data Library	   fax:	+44 (0)131-650 3308
Main Library Building, George Square    	 email:	ben.soares@xxx.xxx.xxx
Edinburgh EH8 9LJ, Scotland, UK         	   www:	http://edina.ac.uk/

"Hmmm, that makes no sense to me...
 But then you are very small, perhaps you're right." -- Treebeard

-
----------------------------------------------------------------------
You can find the EdLUG mailing list FAQ list at:
http://www.edlug.org.uk/list_faq.html



This archive is kept by wibble@morpheux.org.DONTSPAMME
homepage