Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Proxy IP changing with every request 2

Status
Not open for further replies.
vspinnet

vspinnet

Programmer
Apr 27, 2008
4
0
0
US
I searched "IP" and "forum" on google.com and found this forum listed as #1, so I hope you guys can help. :)

I am a PHP web developer and I'm trying to create a computer signature for all my user sessions. I would like to include the user's remote IP as part of the signature. I know some users will share the same IP and that is okay. However, I have read that for some people, IPs can change with EVERY request during a single session.

I have a couple questions that I'm hoping some of you will know the answers to in regard to IPs changing with every request.

1. Generally, what percentage of my users will this be true for?

2. Will any of the browsers below keep my user's remote IP from changing during a single session?:

Internet Explorer
Firefox
Mozilla
Safari
Opera
Netscape
America Online

I plan on prompting my users for their password should their computer signature change. If the computer signature is going to change with EVERY request, I would like to suggest to the user that they use a particular browser that keeps this from happening.

Sorry if my IP knowledge is not the greatest. :)


Thank you
 
Sort by date Sort by votes
Hello Burt,

That would be great if it was possible. I've been searching the Internet for a way using PHP and there does not seem to be one. An expert on one website said the following (when using PHP):

"You cannot get it because of the way that the internet was designed and the way that the IP protocol works, you wouldn't be able to find a mac address of someone unless you were local to them.
 
Upvote 0 Downvote
Oh yeah---going over the internet...well, instead of a proxy, why not just rely on NAT?

Burt
 
Upvote 0 Downvote
A browser isn't going to make a difference. IPs are changed long after the browser has done it's job, usually after the traffic has left the client pc.


"We must fall back upon the old axiom that when all other contingencies fail, whatever remains, however improbable, must be the truth." - Sherlock Holmes

 
Upvote 0 Downvote
Thanks for the help guys. :)


LawnBoy,

I found this on Wikipedia:

<<Bypass AOL's proxy system

Use a different web browser such as Mozilla Firefox or Opera. These browsers are not configured to use the AOL proxies by default.>>



I logged into AOL and found that indeed their proxy IPs can change with every request.

I have one last question. I noticed my AOL IP changed from 207.200.116.67 to 207.200.116.131. The first 3 octets never changed throughout. Would using the first 2 or 3 octets be reliable enough as part of a computer signature?

Basically, how often do IPs change entirely during a single HTTP session?
 
Upvote 0 Downvote
I thought you were talking about real systems, not AOL. I'm not surprised that you can't change settings in the AOL browser. Hopefully you noticed that the browser does not change the IP, the proxy does. You can try to bypass a proxy with any browser (except the obsolete junk that is the AOL browser, apparently).

I don't think using an IP address is a reasonable way of identifying a client on the internet. There are 65,000-odd addresses that use the first two octets, and 250-odd addresses using the first three octets. Use a cookie, that's what they're for.

How often a proxy changes an IP is entirely up to whoever is running the proxy.

"We must fall back upon the old axiom that when all other contingencies fail, whatever remains, however improbable, must be the truth." - Sherlock Holmes

 
Upvote 0 Downvote
Thanks for clearing everything up for me. :))

My goal is to prevent session hijacking without SSL, where a hacker sniffs HTTP packets, finds someone's session identifier (in-memory cookie) and hijacks it as his own.

The only problem with persistent cookies, is that they can be hijacked as well. If someone sniffs my HTTP packet, he can see both my in-memory cookie and persistent cookies.

Another option I have is to hash my user's User-Agent header, place it in a session variable and compare with every request that they are the same. However, User-Agent headers I've read may not be reliable (can change), and hackers can spoof this information..
 
Upvote 0 Downvote
IP addresses can be spoofed too. So can a MAC address, for that matter. Pretty much anything that's not encrypted can be.


"We must fall back upon the old axiom that when all other contingencies fail, whatever remains, however improbable, must be the truth." - Sherlock Holmes

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

CryptoTuke
  • Locked
  • Question
Maximum buffer size on Winsock for sending one block of data over TCP / IP
Replies
1
Views
193
maybeimaleo
maybeimaleo
jmarkus
  • Locked
  • Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
159
sbcsu
sbcsu
Demon Monkey
  • Locked
  • Question
Whitelisting varying IP address?
Replies
2
Views
143
SamBones
SamBones
uuunnniiixxx
  • Locked
  • Question
Fieldbus vs TCP/IP
Replies
2
Views
152
meneerB
meneerB
F_Ionut
  • Locked
  • Question
TCP-IP over GPRS with Modbus
Replies
1
Views
64
robertjo24
robertjo24

Part and Inventory Search

Sponsor

Back
Top