I've been to a few websites where it displays the town, state (if USA),
country I'm browsing from. Now, I know that detecting country is easy, but
how do you determine the town?
What ASP components do this?
Thanks,
Bill. 32 4235
there is no guaranteed way of doing this...
Best you can do it get the users IP and do some geo-lookups but even these
aren't accurate, they will only get you a location for the users ISP at
best.....
You may want to rethink what you are trying to do.,
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl... I've been to a few websites where it displays the town, state (if USA), country I'm browsing from. Now, I know that detecting country is easy, but how do you determine the town?
What ASP components do this?
Thanks,
Bill. http://www.countryhawk.com/
--
This is my signature. It is a general reminder.
Please post DDL, sample data and desired results.
See http://www.aspfaq.com/5006 for info.
"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl... I've been to a few websites where it displays the town, state (if USA), country I'm browsing from. Now, I know that detecting country is easy, but how do you determine the town?
What ASP components do this?
Thanks,
Bill.
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general: I've been to a few websites where it displays the town, state (if USA), country I'm browsing from. Now, I know that detecting country is easy, but how do you determine the town?
What ASP components do this?
You do not need a component,
just ask the user,
all other methods being incorrect more often than not.
Millions of users will vouch this code as being correct:
<%
a=7
if a<8 then
%>You live in the New York, NY<%
else
%>You are dead<%
end if
%>
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:uB**************@TK2MSFTNGP15.phx.gbl... http://www.countryhawk.com/
This does not detect town.
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
I've been to a few websites where it displays the town, state (if USA), country I'm browsing from. Now, I know that detecting country is easy, but how do you determine the town?
What ASP components do this?
You do not need a component, just ask the user, all other methods being incorrect more often than not.
This is for a password security system, to prevent re-use of passwords
issued to corporate accounts. So, asking the user kinda defeats the
security, don't you think?
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:OX*************@TK2MSFTNGP09.phx.gbl... there is no guaranteed way of doing this... Best you can do it get the users IP and do some geo-lookups but even these aren't accurate, they will only get you a location for the users ISP at best.....
That's the old way.
Most reverse DNSs now give you the domain not of the ISP, but of the user's
internet connection location to the ISP, which then needs to be decoded
(which is what I'm asking for) to give you the town. You may want to rethink what you are trying to do.,
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message news:OL*************@tk2msftngp13.phx.gbl... I've been to a few websites where it displays the town, state (if USA), country I'm browsing from. Now, I know that detecting country is easy,
but how do you determine the town?
What ASP components do this?
Thanks,
Bill.
That's not going to help though.. I mean my DNS/IP comes back as being from
a town over 45 min away....
There is NO WAY to get this info accurately.....
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:eC**************@TK2MSFTNGP10.phx.gbl... "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message news:OX*************@TK2MSFTNGP09.phx.gbl... there is no guaranteed way of doing this... Best you can do it get the users IP and do some geo-lookups but even these aren't accurate, they will only get you a location for the users ISP at best.....
That's the old way.
Most reverse DNSs now give you the domain not of the ISP, but of the user's internet connection location to the ISP, which then needs to be decoded (which is what I'm asking for) to give you the town.
You may want to rethink what you are trying to do.,
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message news:OL*************@tk2msftngp13.phx.gbl... > I've been to a few websites where it displays the town, state (if USA), > country I'm browsing from. Now, I know that detecting country is easy, but > how do you determine the town? > > What ASP components do this? > > Thanks, > > Bill. > > >
nothing does, not accurately.....
Its a proximity guess at best......
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:eh**************@tk2msftngp13.phx.gbl... "Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message news:uB**************@TK2MSFTNGP15.phx.gbl... http://www.countryhawk.com/
This does not detect town.
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general: "Evertjan." <ex**************@interxnl.net> wrote in message news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> I've been to a few websites where it displays the town, state (if > USA), country I'm browsing from. Now, I know that detecting country is > easy, but how do you determine the town? > > What ASP components do this? >
You do not need a component, just ask the user, all other methods being incorrect more often than not.
This is for a password security system, to prevent re-use of passwords issued to corporate accounts. So, asking the user kinda defeats the security, don't you think?
You seem to have a strange sense of security,
trusting a virtual component like that.
--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)
> This is for a password security system, to prevent re-use of passwords issued to corporate accounts.
So if I sign on using AOL, and it says I am from Reston, VA instead of my
real hometown, suddenly I'm not allowed in? I'll have to echo Evertjan
here... that's a very peculiar security system. And I'll also echo Curt's
comments, that there is no reliable way to guarantee that the town reported
by geo-lookups is the town the user is really in. Even high-speed cable and
DSL services (Cox, SBC, RoadRunner, Verizon) can rotate your connection out
and unwittingly place you in a different town, even though you haven't gone
anywhere. With multiple data centers your connection could be routed
anywhere... especially with the bigger ISPs.
A
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
"Evertjan." <ex**************@interxnl.net> wrote in message news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> I've been to a few websites where it displays the town, state (if > USA), country I'm browsing from. Now, I know that detecting country
is > easy, but how do you determine the town? > > What ASP components do this? >
You do not need a component, just ask the user, all other methods being incorrect more often than not.
This is for a password security system, to prevent re-use of passwords issued to corporate accounts. So, asking the user kinda defeats the security, don't you think?
You seem to have a strange sense of security, trusting a virtual component like that.
you seemd to be pretty narrow minded, thinking that I don't have other
methods of security.
"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:uN**************@TK2MSFTNGP10.phx.gbl... This is for a password security system, to prevent re-use of passwords issued to corporate accounts.
So if I sign on using AOL, and it says I am from Reston, VA instead of my real hometown, suddenly I'm not allowed in?
Again, you are thinking two years ago. More and more ISPs are giving you the
exact town in the reverse DNS. For example, Comcast Cable used to report
back only the location of network access. Now, it gives back the exact town
you're accessing the internet from. DSL lines, that two years ago used to
only show the location of the CO, now give you the town. Many dialups, like
AT&T will also give you a reverse DNS of your access phone number, which can
tell you the location. More and more ISPs are adopting this.
For example, I just found a component called Geobytes, which reports back
the user town and location. It also reports back any proxy types. So, if you
are using something like AOL dialup, then you are accessing thru a type of
proxy, and Geobytes reports this, so that I know the location data isn't
accurate, and I can hand-code the security properly.
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general: "Evertjan." <ex**************@interxnl.net> wrote in message Victor wrote on 11 apr 2005 in
[..] > "Evertjan." <ex**************@interxnl.net> wrote in message >> Victor wrote on 11 apr 2005 in
> This is for a password security system, to prevent re-use of > passwords issued to corporate accounts. So, asking the user kinda > defeats the security, don't you think?
You seem to have a strange sense of security, trusting a virtual component like that.
you seemd to be pretty narrow minded, thinking that I don't have other methods of security.
Narrow minded??
This is neither here nor there.
It was YOU that came up with this as a means of security.
It was you that wanted our help.
So you too don't trust such component? Then why use it?
--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
"Evertjan." <ex**************@interxnl.net> wrote in message Victor wrote on 11 apr 2005 in [..] > "Evertjan." <ex**************@interxnl.net> wrote in message >> Victor wrote on 11 apr 2005 in This is for a password security system, to prevent re-use of > passwords issued to corporate accounts. So, asking the user kinda > defeats the security, don't you think?
You seem to have a strange sense of security, trusting a virtual component like that.
you seemd to be pretty narrow minded, thinking that I don't have other methods of security.
Narrow minded??
Yes, because you are looking at the problem from a very narrow minded
perspective. Like all components, and all programming, there needs to be
error-checking in case the component doesn't provide the required
functionality.
Do you understand the concept of error-checking?
Victor wrote on 12 apr 2005 in microsoft.public.inetserver.asp.general: "Evertjan." <ex**************@interxnl.net> wrote in message news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> > "Evertjan." <ex**************@interxnl.net> wrote in message >> Victor wrote on 11 apr 2005 in [..] >> > "Evertjan." <ex**************@interxnl.net> wrote in message >> >> Victor wrote on 11 apr 2005 in
>> > This is for a password security system, to prevent re-use of >> > passwords issued to corporate accounts. So, asking the user >> > kinda defeats the security, don't you think? >> >> You seem to have a strange sense of security, >> trusting a virtual component like that. > > you seemd to be pretty narrow minded, thinking that I don't have > other methods of security. >
Narrow minded??
Yes, because you are looking at the problem from a very narrow minded perspective. Like all components, and all programming, there needs to be error-checking in case the component doesn't provide the required functionality.
Do you understand the concept of error-checking?
You are both insulting and bringning in new unmentioned points that have
nothing to do with your OQ.
You were asking about localisation by IP, which we answered.
Then you said you you wanted it for security, which we answered.
Then you said I was narrow minded,
because I did not know that you would not depend on that security, which
I answered. Now you say we should not warn you because we schould know
you would depend on error checking anyway, which concwept I would have
to know, but that you did not introduce before.
You better not be my programmer.
I have had enough of this.
--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)
> Again, you are thinking two years ago.
Oh brother. All right, let us know how you make out. You asked for our
help, we tried to offer it, it wasn't good enough for you, so I suggest you
try elsewhere before you alienate all of the regulars with your attitude.
On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote: "Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message news:OX*************@TK2MSFTNGP09.phx.gbl... there is no guaranteed way of doing this... Best you can do it get the users IP and do some geo-lookups but even these aren't accurate, they will only get you a location for the users ISP at best.....
That's the old way.
Most reverse DNSs now give you the domain not of the ISP, but of the user's internet connection location to the ISP, which then needs to be decoded (which is what I'm asking for) to give you the town.
Reverse DNS gets you whatever is entered in the in-addr.arpa reverse
domain for the zone. It may be an indicator of location, it may not.
Now, how do you get my country and town when I dial into a Canadian
ISP from here in the US?
Jeff You may want to rethink what you are trying to do.,
-- Curt Christianson Site & Scripts: http://www.Darkfalz.com Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message news:OL*************@tk2msftngp13.phx.gbl... > I've been to a few websites where it displays the town, state (if USA), > country I'm browsing from. Now, I know that detecting country is easy,but > how do you determine the town? > > What ASP components do this? > > Thanks, > > Bill. > > >
On Mon, 11 Apr 2005 15:35:36 -0400, "Victor" <bl***@blank.com> wrote: "Evertjan." <ex**************@interxnl.net> wrote in message news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> I've been to a few websites where it displays the town, state (if > USA), country I'm browsing from. Now, I know that detecting country is > easy, but how do you determine the town? > > What ASP components do this? >
You do not need a component, just ask the user, all other methods being incorrect more often than not.
This is for a password security system, to prevent re-use of passwords issued to corporate accounts. So, asking the user kinda defeats the security, don't you think?
I'm at a loss as to why the town/country would be involved, or even
make a valid indicator for security purposes.
Jeff
On Mon, 11 Apr 2005 17:46:11 -0400, "Victor" <bl***@blank.com> wrote: "Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message news:uN**************@TK2MSFTNGP10.phx.gbl... > This is for a password security system, to prevent re-use of passwords > issued to corporate accounts. So if I sign on using AOL, and it says I am from Reston, VA instead of my real hometown, suddenly I'm not allowed in?
Again, you are thinking two years ago. More and more ISPs are giving you the exact town in the reverse DNS. For example, Comcast Cable used to report back only the location of network access. Now, it gives back the exact town you're accessing the internet from. DSL lines, that two years ago used to only show the location of the CO, now give you the town. Many dialups, like AT&T will also give you a reverse DNS of your access phone number, which can tell you the location. More and more ISPs are adopting this.
Okay, so now your security relies on an ISP entering information into
a PTR record that you can refer to, then possibly adapt in some other
manner if it isn't directly what you're looking for, then if all fails
you'll still do it a different way. When you could skip all the
checking, do it faster and more accurately by forgetting the idea
altogether.
For example, I just found a component called Geobytes, which reports back the user town and location. It also reports back any proxy types. So, if you are using something like AOL dialup, then you are accessing thru a type of proxy, and Geobytes reports this, so that I know the location data isn't accurate, and I can hand-code the security properly.
Just checked it. Bummer, it shows I have a four hour drive home now.
Funny it took me 58 seconds to drive it on the way in, how did I
suddenly move 190 miles north? Oh well, if it had moved me the same
distance due south I'd need a visa to get home. Oh, and a home-made
raft that would be missed by the Cuban gunboats.
Guess maybe I really should configure a PTR record for the NAT address
so your security will work.
Jeff
I find this discussion amusing, since my desktop would be an abomination
for this kind of security checking. Right now I have five publically
available IP addresses on three continents, none of which appears to be
within 200 kilometers of where I'm actually located!
-PatP
========================================
Please post DDL at the very least, and DML when possible to make it
easier for people to help you.
Please reply only via newsgroups, as I rarely reply to email. The
letters BAM should actually be AOL throughout my whole email address.
*** Sent via Developersdex http://www.developersdex.com ***
Geez Pat, you must be living two years ago. Did you write to us using a
time machine? :-)
--
This is my signature. It is a general reminder.
Please post DDL, sample data and desired results.
See http://www.aspfaq.com/5006 for info.
"Pat Phelan" <ph********@bam.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... I find this discussion amusing, since my desktop would be an abomination for this kind of security checking. Right now I have five publically available IP addresses on three continents, none of which appears to be within 200 kilometers of where I'm actually located!
> Geez Pat, you must be living two years ago. Did you write to us using
a time machine? :-)
Time has no meaning on the Internet. Where else do you find fourty
people waiting to play games at 02:00 (well, besides a college campus
anyway)???
-PatP
========================================
Please post DDL at the very least, and DML when possible to make it
easier for people to help you.
Please reply only via newsgroups, as I rarely reply to email. The
letters BAM should actually be AOL throughout my whole email address.
*** Sent via Developersdex http://www.developersdex.com ***
"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com... On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:
"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message news:OX*************@TK2MSFTNGP09.phx.gbl... there is no guaranteed way of doing this... Best you can do it get the users IP and do some geo-lookups but even
these aren't accurate, they will only get you a location for the users ISP at best.....
That's the old way.
Most reverse DNSs now give you the domain not of the ISP, but of the
user'sinternet connection location to the ISP, which then needs to be decoded (which is what I'm asking for) to give you the town.
Reverse DNS gets you whatever is entered in the in-addr.arpa reverse domain for the zone. It may be an indicator of location, it may not.
Now, how do you get my country and town when I dial into a Canadian ISP from here in the US?
Like I wrote, I get the location of the Canadian ISP connection (duh), which
is exactly what I was telling you when I wrote that you get "the user's
internet connection to the ISP". Do you need me to explain that more fully
to you?
Dude.... let it go...
You've managed to be rude to at least 3-4 of the top contributers already.
Being pissy about an answer that someone has taken the time to give you will
NEVER get you anywhere.
--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:uy**************@TK2MSFTNGP09.phx.gbl... "Jeff Cochran" <je*********@zina.com> wrote in message news:42***************@msnews.microsoft.com... On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:
> >"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message >news:OX*************@TK2MSFTNGP09.phx.gbl... >> there is no guaranteed way of doing this... >> Best you can do it get the users IP and do some geo-lookups but even these >> aren't accurate, they will only get you a location for the users ISP >> at >> best..... > >That's the old way. > >Most reverse DNSs now give you the domain not of the ISP, but of the user's >internet connection location to the ISP, which then needs to be decoded >(which is what I'm asking for) to give you the town.
Reverse DNS gets you whatever is entered in the in-addr.arpa reverse domain for the zone. It may be an indicator of location, it may not.
Now, how do you get my country and town when I dial into a Canadian ISP from here in the US?
Like I wrote, I get the location of the Canadian ISP connection (duh), which is exactly what I was telling you when I wrote that you get "the user's internet connection to the ISP". Do you need me to explain that more fully to you?
"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29... Victor wrote on 12 apr 2005 in microsoft.public.inetserver.asp.general:
"Evertjan." <ex**************@interxnl.net> wrote in message news:Xn********************@194.109.133.29... Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> > "Evertjan." <ex**************@interxnl.net> wrote in message >> Victor wrote on 11 apr 2005 in [..] >> > "Evertjan." <ex**************@interxnl.net> wrote in message >> >> Victor wrote on 11 apr 2005 in
>> > This is for a password security system, to prevent re-use of >> > passwords issued to corporate accounts. So, asking the user >> > kinda defeats the security, don't you think? >> >> You seem to have a strange sense of security, >> trusting a virtual component like that. > > you seemd to be pretty narrow minded, thinking that I don't have > other methods of security. >
Narrow minded?? Yes, because you are looking at the problem from a very narrow minded perspective. Like all components, and all programming, there needs to be error-checking in case the component doesn't provide the required functionality.
Do you understand the concept of error-checking?
You are both insulting and bringning in new unmentioned points that have nothing to do with your OQ.
Well, you kind of prove my point with the above post. You are more concerned
with an extremely narrow-minded examination of the language I use (troll
mentality?) than taking a broad-minded view of looking at what exactly is
the problem and how can it be solved in a FLEXIBLE and ADAPTABLE programming
environment. You were asking about localisation by IP, which we answered. Then you said you you wanted it for security, which we answered. Then you said I was narrow minded, because I did not know that you would not depend on that security, which I answered. Now you say we should not warn you because we schould know you would depend on error checking anyway, which concwept I would have to know, but that you did not introduce before.
Exactly my point - you are taking an extremely narrow minded view of the
details, and ignoring the philosphy of the problem.
Let me explain error-checking to you - you take a component (like the one
discussed) and you ask yourself
1. Under what circumstances will this component perform as expected
This takes into account the component performing as documented, and also
user compliance with the component's intended functionality in the system.
2. Under what circumstances will the component NOT perform as expected
This takes into account the component NOT performing as documented
(including malfunctioning or being unavailable), and also the user's
behavior that is NOT compliant with the component's functionality in the
system (including user error and user deliberately defeating the intended
functiionality of the component).
These are the basic assumptions I make when error checking. Of course, on
the one extreme there is no error checking, on the other extreme you are
error checking for statistically insignificant errors. A good programmer
finds that happy median in the middle. It's a zen thing.
YOU are making the assumption that, for this component to be useful based
upon a narrow interpretation of what I wrote, that there is no error
checking, and that this is the ONLY method of security and that the
component must always provide the user's location consistantly and that its
INTENDED purpose is never defeated by the user.
*I* make the assumption that both #1 and #2 must be addressed, and that this
is inherent in the use of any component. You, on the other hand, make as
narrow-minded an interpretation of what I've written as you can so that you
can feel better about yourself as a programmer. You better not be my programmer.
You would never be a member of one of my programming teams. You are not
concerend with end-result. I have had enough of this.
That much is clear. -- Evertjan. The Netherlands. (Replace all crosses with dots in my emailaddress)
"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
: Okay, so now your security relies on an ISP entering information into a PTR record that you can refer to, then possibly adapt in some other
No, I'm saying that ONE aspect of my security uses this. My security does
not RELY on this.
"Pat Phelan" <ph********@bam.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... I find this discussion amusing, since my desktop would be an abomination
Isn't that a line from a Dilbert cartoon? "The unspeakable abominations from
my desktop..."
On Wed, 13 Apr 2005 14:21:58 -0400, "Victor" <bl***@blank.com> wrote: "Jeff Cochran" <je*********@zina.com> wrote in message news:42***************@msnews.microsoft.com... : Okay, so now your security relies on an ISP entering information into a PTR record that you can refer to, then possibly adapt in some other
No, I'm saying that ONE aspect of my security uses this. My security does not RELY on this.
I'm still puzzling how it could even be a part of a security test,
since it is so highly inaccurate and depends on information you can't
guarantee is correct. Let's say I edit my PTR records to point to the
town you expect the person I'm impersonating to be from, does that
improve my chances of bypassing your security?
I equate this with a security guard at a bank. Since many bank
employees wear white shirts, is there any realistic reason the guard
should use a white shirt as an indicator of access level? There will
likely be non-employees wearing white shirts, there may be employees
wearing colored shirts and there is nothing to prevent the bank robber
from wearing a white shirt.
Jeff
On Wed, 13 Apr 2005 14:03:53 -0400, "Victor" <bl***@blank.com> wrote: "Jeff Cochran" <je*********@zina.com> wrote in message news:42***************@msnews.microsoft.com... On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:
> >"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message >news:OX*************@TK2MSFTNGP09.phx.gbl... >> there is no guaranteed way of doing this... >> Best you can do it get the users IP and do some geo-lookups but eventhese >> aren't accurate, they will only get you a location for the users ISP at >> best..... > >That's the old way. > >Most reverse DNSs now give you the domain not of the ISP, but of theuser's >internet connection location to the ISP, which then needs to be decoded >(which is what I'm asking for) to give you the town.
Reverse DNS gets you whatever is entered in the in-addr.arpa reverse domain for the zone. It may be an indicator of location, it may not.
Now, how do you get my country and town when I dial into a Canadian ISP from here in the US?
Like I wrote, I get the location of the Canadian ISP connection (duh), which is exactly what I was telling you when I wrote that you get "the user's internet connection to the ISP". Do you need me to explain that more fully to you?
I understand you, and your explanation. What I don't understand is
how the Canadian ISP location I dialed into equates in any way to
identifying me or my security access, since I only dialed the Canadian
number because my US ISP was busy for two hours straight.
Jeff
> Do you need me to explain that more fully to you?
Hard to explain anything from a killfile. *plonk*
"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com... On Wed, 13 Apr 2005 14:03:53 -0400, "Victor" <bl***@blank.com> wrote:
"Jeff Cochran" <je*********@zina.com> wrote in message news:42***************@msnews.microsoft.com... On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:
> >"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message >news:OX*************@TK2MSFTNGP09.phx.gbl... >> there is no guaranteed way of doing this... >> Best you can do it get the users IP and do some geo-lookups but even these >> aren't accurate, they will only get you a location for the users ISP
at >> best..... > >That's the old way. > >Most reverse DNSs now give you the domain not of the ISP, but of the user's >internet connection location to the ISP, which then needs to be
decoded >(which is what I'm asking for) to give you the town.
Reverse DNS gets you whatever is entered in the in-addr.arpa reverse domain for the zone. It may be an indicator of location, it may not.
Now, how do you get my country and town when I dial into a Canadian ISP from here in the US?
Like I wrote, I get the location of the Canadian ISP connection (duh),
whichis exactly what I was telling you when I wrote that you get "the user's internet connection to the ISP". Do you need me to explain that more
fullyto you?
I understand you, and your explanation. What I don't understand is how the Canadian ISP location I dialed into equates in any way to identifying me or my security access, since I only dialed the Canadian number because my US ISP was busy for two hours straight.
For the situation you mention above... hmmm... O.K., I guess I'll have to
handle it by tracking some users with a persistent cookie.
in pseudoCode,
' So, when the user logs in the very first time,
IF GeoBytesLocation <> "undefined", and other security stuff is valid,
THEN set persistant cookie and record browser ID
END IF
'On subsequent login,
IF the GeoBytesLocation is within xxx miles, and other security stuff is
valid,
THEN it's O.K., and set cookie
Log them in
ELSE 'it's outside of xxx miles
check if it's been X hours since login 'maybe they're travelling?
check if "Proxy Network" '(AOL, MSN, etc)
check for cookie
do other non-geographic security stuff
make decision if it's O.K.
END IF
This is going to depend upon other stuff as well, since some users delete
all their cookies on a regular basis.
"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com... On Wed, 13 Apr 2005 14:21:58 -0400, "Victor" <bl***@blank.com> wrote:
"Jeff Cochran" <je*********@zina.com> wrote in message news:42***************@msnews.microsoft.com... : Okay, so now your security relies on an ISP entering information into a PTR record that you can refer to, then possibly adapt in some other
No, I'm saying that ONE aspect of my security uses this. My security does not RELY on this.
I'm still puzzling how it could even be a part of a security test, since it is so highly inaccurate and depends on information you can't guarantee is correct. Let's say I edit my PTR records to point to the town you expect the person I'm impersonating to be from, does that improve my chances of bypassing your security?
I equate this with a security guard at a bank. Since many bank employees wear white shirts, is there any realistic reason the guard should use a white shirt as an indicator of access level? There will likely be non-employees wearing white shirts, there may be employees wearing colored shirts and there is nothing to prevent the bank robber from wearing a white shirt.
These are good questions. From what I can see from GeoBytes, there's a
variable that gives you a percent of certainty of the location. For example,
if I access using Comcast Cable, or Verizon DSL, it will give me a location
with a certainty of 98%. If I access using AOL, it may give me a certainty
of 20%. An AT&T dialup might give me a certainty of 85% for the dialup
location while also setting one of the proxy bits telling me that could have
dialed up from anywhere in the world to that location.
The real issue for me is properly coding in the LOGIC to take this stuff
into account (by considering the objections I'm reading here). This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: abracad |
last post by:
Hi
Is there any (preferably free) PHP script that will identify the
country of a visitor, thus allowing one page to be delivered to those
from A, B and C, and another to those from X, Y and Z?
...
|
by: bush |
last post by:
hi everyone!
i want to get the ipaddress,and the country name of a webpage
visitor,using asp.Net(C#).if anyone knows about it,plz rply me.
thanx in advance.
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |