By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,084 Members | 1,214 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,084 IT Pros & Developers. It's quick & easy.

Detect Visitor's Town and Country

P: n/a
I've been to a few websites where it displays the town, state (if USA),
country I'm browsing from. Now, I know that detecting country is easy, but
how do you determine the town?

What ASP components do this?

Thanks,

Bill.

Jul 22 '05 #1
Share this Question
Share on Google+
32 Replies


P: n/a
there is no guaranteed way of doing this...
Best you can do it get the users IP and do some geo-lookups but even these
aren't accurate, they will only get you a location for the users ISP at
best.....

You may want to rethink what you are trying to do.,

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl...
I've been to a few websites where it displays the town, state (if USA),
country I'm browsing from. Now, I know that detecting country is easy, but
how do you determine the town?

What ASP components do this?

Thanks,

Bill.

Jul 22 '05 #2

P: n/a
http://www.countryhawk.com/

--
This is my signature. It is a general reminder.
Please post DDL, sample data and desired results.
See http://www.aspfaq.com/5006 for info.

"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl...
I've been to a few websites where it displays the town, state (if USA),
country I'm browsing from. Now, I know that detecting country is easy, but
how do you determine the town?

What ASP components do this?

Thanks,

Bill.

Jul 22 '05 #3

P: n/a
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
I've been to a few websites where it displays the town, state (if
USA), country I'm browsing from. Now, I know that detecting country is
easy, but how do you determine the town?

What ASP components do this?


You do not need a component,
just ask the user,
all other methods being incorrect more often than not.

Millions of users will vouch this code as being correct:

<%
a=7

if a<8 then
%>You live in the New York, NY<%
else
%>You are dead<%
end if

%>

--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
Jul 22 '05 #4

P: n/a

"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:uB**************@TK2MSFTNGP15.phx.gbl...
http://www.countryhawk.com/


This does not detect town.


Jul 22 '05 #5

P: n/a

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
I've been to a few websites where it displays the town, state (if
USA), country I'm browsing from. Now, I know that detecting country is
easy, but how do you determine the town?

What ASP components do this?


You do not need a component,
just ask the user,
all other methods being incorrect more often than not.


This is for a password security system, to prevent re-use of passwords
issued to corporate accounts. So, asking the user kinda defeats the
security, don't you think?


Jul 22 '05 #6

P: n/a

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:OX*************@TK2MSFTNGP09.phx.gbl...
there is no guaranteed way of doing this...
Best you can do it get the users IP and do some geo-lookups but even these
aren't accurate, they will only get you a location for the users ISP at
best.....
That's the old way.

Most reverse DNSs now give you the domain not of the ISP, but of the user's
internet connection location to the ISP, which then needs to be decoded
(which is what I'm asking for) to give you the town.


You may want to rethink what you are trying to do.,

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl...
I've been to a few websites where it displays the town, state (if USA),
country I'm browsing from. Now, I know that detecting country is easy, but how do you determine the town?

What ASP components do this?

Thanks,

Bill.


Jul 22 '05 #7

P: n/a
That's not going to help though.. I mean my DNS/IP comes back as being from
a town over 45 min away....
There is NO WAY to get this info accurately.....

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:eC**************@TK2MSFTNGP10.phx.gbl...

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:OX*************@TK2MSFTNGP09.phx.gbl...
there is no guaranteed way of doing this...
Best you can do it get the users IP and do some geo-lookups but even
these
aren't accurate, they will only get you a location for the users ISP at
best.....


That's the old way.

Most reverse DNSs now give you the domain not of the ISP, but of the
user's
internet connection location to the ISP, which then needs to be decoded
(which is what I'm asking for) to give you the town.


You may want to rethink what you are trying to do.,

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl...
> I've been to a few websites where it displays the town, state (if USA),
> country I'm browsing from. Now, I know that detecting country is easy, but > how do you determine the town?
>
> What ASP components do this?
>
> Thanks,
>
> Bill.
>
>
>



Jul 22 '05 #8

P: n/a
nothing does, not accurately.....
Its a proximity guess at best......

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:eh**************@tk2msftngp13.phx.gbl...

"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:uB**************@TK2MSFTNGP15.phx.gbl...
http://www.countryhawk.com/


This does not detect town.

Jul 22 '05 #9

P: n/a
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> I've been to a few websites where it displays the town, state (if
> USA), country I'm browsing from. Now, I know that detecting country is
> easy, but how do you determine the town?
>
> What ASP components do this?
>


You do not need a component,
just ask the user,
all other methods being incorrect more often than not.


This is for a password security system, to prevent re-use of passwords
issued to corporate accounts. So, asking the user kinda defeats the
security, don't you think?


You seem to have a strange sense of security,
trusting a virtual component like that.

--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Jul 22 '05 #10

P: n/a
> This is for a password security system, to prevent re-use of passwords
issued to corporate accounts.


So if I sign on using AOL, and it says I am from Reston, VA instead of my
real hometown, suddenly I'm not allowed in? I'll have to echo Evertjan
here... that's a very peculiar security system. And I'll also echo Curt's
comments, that there is no reliable way to guarantee that the town reported
by geo-lookups is the town the user is really in. Even high-speed cable and
DSL services (Cox, SBC, RoadRunner, Verizon) can rotate your connection out
and unwittingly place you in a different town, even though you haven't gone
anywhere. With multiple data centers your connection could be routed
anywhere... especially with the bigger ISPs.

A
Jul 22 '05 #11

P: n/a

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:

> I've been to a few websites where it displays the town, state (if
> USA), country I'm browsing from. Now, I know that detecting country is > easy, but how do you determine the town?
>
> What ASP components do this?
>

You do not need a component,
just ask the user,
all other methods being incorrect more often than not.


This is for a password security system, to prevent re-use of passwords
issued to corporate accounts. So, asking the user kinda defeats the
security, don't you think?


You seem to have a strange sense of security,
trusting a virtual component like that.


you seemd to be pretty narrow minded, thinking that I don't have other
methods of security.


Jul 22 '05 #12

P: n/a

"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:uN**************@TK2MSFTNGP10.phx.gbl...
This is for a password security system, to prevent re-use of passwords
issued to corporate accounts.


So if I sign on using AOL, and it says I am from Reston, VA instead of my
real hometown, suddenly I'm not allowed in?


Again, you are thinking two years ago. More and more ISPs are giving you the
exact town in the reverse DNS. For example, Comcast Cable used to report
back only the location of network access. Now, it gives back the exact town
you're accessing the internet from. DSL lines, that two years ago used to
only show the location of the CO, now give you the town. Many dialups, like
AT&T will also give you a reverse DNS of your access phone number, which can
tell you the location. More and more ISPs are adopting this.

For example, I just found a component called Geobytes, which reports back
the user town and location. It also reports back any proxy types. So, if you
are using something like AOL dialup, then you are accessing thru a type of
proxy, and Geobytes reports this, so that I know the location data isn't
accurate, and I can hand-code the security properly.

Jul 22 '05 #13

P: n/a
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:

"Evertjan." <ex**************@interxnl.net> wrote in message
Victor wrote on 11 apr 2005 in [..]
> "Evertjan." <ex**************@interxnl.net> wrote in message
>> Victor wrote on 11 apr 2005 in > This is for a password security system, to prevent re-use of
> passwords issued to corporate accounts. So, asking the user kinda
> defeats the security, don't you think?


You seem to have a strange sense of security,
trusting a virtual component like that.


you seemd to be pretty narrow minded, thinking that I don't have other
methods of security.


Narrow minded??

This is neither here nor there.

It was YOU that came up with this as a means of security.
It was you that wanted our help.

So you too don't trust such component? Then why use it?

--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Jul 22 '05 #14

P: n/a

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:

"Evertjan." <ex**************@interxnl.net> wrote in message
Victor wrote on 11 apr 2005 in [..] > "Evertjan." <ex**************@interxnl.net> wrote in message
>> Victor wrote on 11 apr 2005 in This is for a password security system, to prevent re-use of
> passwords issued to corporate accounts. So, asking the user kinda
> defeats the security, don't you think?

You seem to have a strange sense of security,
trusting a virtual component like that.


you seemd to be pretty narrow minded, thinking that I don't have other
methods of security.


Narrow minded??


Yes, because you are looking at the problem from a very narrow minded
perspective. Like all components, and all programming, there needs to be
error-checking in case the component doesn't provide the required
functionality.

Do you understand the concept of error-checking?

Jul 22 '05 #15

P: n/a
Victor wrote on 12 apr 2005 in microsoft.public.inetserver.asp.general:

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in
microsoft.public.inetserver.asp.general:
>
> "Evertjan." <ex**************@interxnl.net> wrote in message
>> Victor wrote on 11 apr 2005 in

[..]
>> > "Evertjan." <ex**************@interxnl.net> wrote in message
>> >> Victor wrote on 11 apr 2005 in

>> > This is for a password security system, to prevent re-use of
>> > passwords issued to corporate accounts. So, asking the user
>> > kinda defeats the security, don't you think?
>>
>> You seem to have a strange sense of security,
>> trusting a virtual component like that.
>
> you seemd to be pretty narrow minded, thinking that I don't have
> other methods of security.
>


Narrow minded??


Yes, because you are looking at the problem from a very narrow minded
perspective. Like all components, and all programming, there needs to
be error-checking in case the component doesn't provide the required
functionality.

Do you understand the concept of error-checking?


You are both insulting and bringning in new unmentioned points that have
nothing to do with your OQ.

You were asking about localisation by IP, which we answered.
Then you said you you wanted it for security, which we answered.
Then you said I was narrow minded,
because I did not know that you would not depend on that security, which
I answered. Now you say we should not warn you because we schould know
you would depend on error checking anyway, which concwept I would have
to know, but that you did not introduce before.

You better not be my programmer.

I have had enough of this.

--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Jul 22 '05 #16

P: n/a
> Again, you are thinking two years ago.

Oh brother. All right, let us know how you make out. You asked for our
help, we tried to offer it, it wasn't good enough for you, so I suggest you
try elsewhere before you alienate all of the regulars with your attitude.
Jul 22 '05 #17

P: n/a
On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:OX*************@TK2MSFTNGP09.phx.gbl...
there is no guaranteed way of doing this...
Best you can do it get the users IP and do some geo-lookups but even these
aren't accurate, they will only get you a location for the users ISP at
best.....


That's the old way.

Most reverse DNSs now give you the domain not of the ISP, but of the user's
internet connection location to the ISP, which then needs to be decoded
(which is what I'm asking for) to give you the town.


Reverse DNS gets you whatever is entered in the in-addr.arpa reverse
domain for the zone. It may be an indicator of location, it may not.

Now, how do you get my country and town when I dial into a Canadian
ISP from here in the US?

Jeff

You may want to rethink what you are trying to do.,

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:OL*************@tk2msftngp13.phx.gbl...
> I've been to a few websites where it displays the town, state (if USA),
> country I'm browsing from. Now, I know that detecting country is easy,but > how do you determine the town?
>
> What ASP components do this?
>
> Thanks,
>
> Bill.
>
>
>



Jul 22 '05 #18

P: n/a
On Mon, 11 Apr 2005 15:35:36 -0400, "Victor" <bl***@blank.com> wrote:

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in microsoft.public.inetserver.asp.general:
> I've been to a few websites where it displays the town, state (if
> USA), country I'm browsing from. Now, I know that detecting country is
> easy, but how do you determine the town?
>
> What ASP components do this?
>


You do not need a component,
just ask the user,
all other methods being incorrect more often than not.


This is for a password security system, to prevent re-use of passwords
issued to corporate accounts. So, asking the user kinda defeats the
security, don't you think?


I'm at a loss as to why the town/country would be involved, or even
make a valid indicator for security purposes.

Jeff
Jul 22 '05 #19

P: n/a
On Mon, 11 Apr 2005 17:46:11 -0400, "Victor" <bl***@blank.com> wrote:

"Aaron [SQL Server MVP]" <te*****@dnartreb.noraa> wrote in message
news:uN**************@TK2MSFTNGP10.phx.gbl...
> This is for a password security system, to prevent re-use of passwords
> issued to corporate accounts.
So if I sign on using AOL, and it says I am from Reston, VA instead of my
real hometown, suddenly I'm not allowed in?


Again, you are thinking two years ago. More and more ISPs are giving you the
exact town in the reverse DNS. For example, Comcast Cable used to report
back only the location of network access. Now, it gives back the exact town
you're accessing the internet from. DSL lines, that two years ago used to
only show the location of the CO, now give you the town. Many dialups, like
AT&T will also give you a reverse DNS of your access phone number, which can
tell you the location. More and more ISPs are adopting this.


Okay, so now your security relies on an ISP entering information into
a PTR record that you can refer to, then possibly adapt in some other
manner if it isn't directly what you're looking for, then if all fails
you'll still do it a different way. When you could skip all the
checking, do it faster and more accurately by forgetting the idea
altogether.
For example, I just found a component called Geobytes, which reports back
the user town and location. It also reports back any proxy types. So, if you
are using something like AOL dialup, then you are accessing thru a type of
proxy, and Geobytes reports this, so that I know the location data isn't
accurate, and I can hand-code the security properly.


Just checked it. Bummer, it shows I have a four hour drive home now.
Funny it took me 58 seconds to drive it on the way in, how did I
suddenly move 190 miles north? Oh well, if it had moved me the same
distance due south I'd need a visa to get home. Oh, and a home-made
raft that would be missed by the Cuban gunboats.

Guess maybe I really should configure a PTR record for the NAT address
so your security will work.

Jeff
Jul 22 '05 #20

P: n/a
I find this discussion amusing, since my desktop would be an abomination
for this kind of security checking. Right now I have five publically
available IP addresses on three continents, none of which appears to be
within 200 kilometers of where I'm actually located!

-PatP

========================================
Please post DDL at the very least, and DML when possible to make it
easier for people to help you.

Please reply only via newsgroups, as I rarely reply to email. The
letters BAM should actually be AOL throughout my whole email address.

*** Sent via Developersdex http://www.developersdex.com ***
Jul 22 '05 #21

P: n/a
Geez Pat, you must be living two years ago. Did you write to us using a
time machine? :-)

--
This is my signature. It is a general reminder.
Please post DDL, sample data and desired results.
See http://www.aspfaq.com/5006 for info.

"Pat Phelan" <ph********@bam.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
I find this discussion amusing, since my desktop would be an abomination
for this kind of security checking. Right now I have five publically
available IP addresses on three continents, none of which appears to be
within 200 kilometers of where I'm actually located!

Jul 22 '05 #22

P: n/a
> Geez Pat, you must be living two years ago. Did you write to us using
a
time machine? :-)


Time has no meaning on the Internet. Where else do you find fourty
people waiting to play games at 02:00 (well, besides a college campus
anyway)???

-PatP

========================================
Please post DDL at the very least, and DML when possible to make it
easier for people to help you.

Please reply only via newsgroups, as I rarely reply to email. The
letters BAM should actually be AOL throughout my whole email address.

*** Sent via Developersdex http://www.developersdex.com ***
Jul 22 '05 #23

P: n/a

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:

"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
news:OX*************@TK2MSFTNGP09.phx.gbl...
there is no guaranteed way of doing this...
Best you can do it get the users IP and do some geo-lookups but even these aren't accurate, they will only get you a location for the users ISP at
best.....


That's the old way.

Most reverse DNSs now give you the domain not of the ISP, but of the user'sinternet connection location to the ISP, which then needs to be decoded
(which is what I'm asking for) to give you the town.


Reverse DNS gets you whatever is entered in the in-addr.arpa reverse
domain for the zone. It may be an indicator of location, it may not.

Now, how do you get my country and town when I dial into a Canadian
ISP from here in the US?


Like I wrote, I get the location of the Canadian ISP connection (duh), which
is exactly what I was telling you when I wrote that you get "the user's
internet connection to the ISP". Do you need me to explain that more fully
to you?


Jul 22 '05 #24

P: n/a
Dude.... let it go...
You've managed to be rude to at least 3-4 of the top contributers already.
Being pissy about an answer that someone has taken the time to give you will
NEVER get you anywhere.

--
Curt Christianson
Site & Scripts: http://www.Darkfalz.com
Blog: http://blog.Darkfalz.com
"Victor" <bl***@blank.com> wrote in message
news:uy**************@TK2MSFTNGP09.phx.gbl...

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:
>
>"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
>news:OX*************@TK2MSFTNGP09.phx.gbl...
>> there is no guaranteed way of doing this...
>> Best you can do it get the users IP and do some geo-lookups but even these >> aren't accurate, they will only get you a location for the users ISP
>> at
>> best.....
>
>That's the old way.
>
>Most reverse DNSs now give you the domain not of the ISP, but of the user's >internet connection location to the ISP, which then needs to be decoded
>(which is what I'm asking for) to give you the town.


Reverse DNS gets you whatever is entered in the in-addr.arpa reverse
domain for the zone. It may be an indicator of location, it may not.

Now, how do you get my country and town when I dial into a Canadian
ISP from here in the US?


Like I wrote, I get the location of the Canadian ISP connection (duh),
which
is exactly what I was telling you when I wrote that you get "the user's
internet connection to the ISP". Do you need me to explain that more fully
to you?

Jul 22 '05 #25

P: n/a

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 12 apr 2005 in microsoft.public.inetserver.asp.general:

"Evertjan." <ex**************@interxnl.net> wrote in message
news:Xn********************@194.109.133.29...
Victor wrote on 11 apr 2005 in
microsoft.public.inetserver.asp.general:

>
> "Evertjan." <ex**************@interxnl.net> wrote in message
>> Victor wrote on 11 apr 2005 in
[..]
>> > "Evertjan." <ex**************@interxnl.net> wrote in message
>> >> Victor wrote on 11 apr 2005 in

>> > This is for a password security system, to prevent re-use of
>> > passwords issued to corporate accounts. So, asking the user
>> > kinda defeats the security, don't you think?
>>
>> You seem to have a strange sense of security,
>> trusting a virtual component like that.
>
> you seemd to be pretty narrow minded, thinking that I don't have
> other methods of security.
>

Narrow minded??
Yes, because you are looking at the problem from a very narrow minded
perspective. Like all components, and all programming, there needs to
be error-checking in case the component doesn't provide the required
functionality.

Do you understand the concept of error-checking?


You are both insulting and bringning in new unmentioned points that have
nothing to do with your OQ.


Well, you kind of prove my point with the above post. You are more concerned
with an extremely narrow-minded examination of the language I use (troll
mentality?) than taking a broad-minded view of looking at what exactly is
the problem and how can it be solved in a FLEXIBLE and ADAPTABLE programming
environment.

You were asking about localisation by IP, which we answered.
Then you said you you wanted it for security, which we answered.
Then you said I was narrow minded,
because I did not know that you would not depend on that security, which
I answered. Now you say we should not warn you because we schould know
you would depend on error checking anyway, which concwept I would have
to know, but that you did not introduce before.
Exactly my point - you are taking an extremely narrow minded view of the
details, and ignoring the philosphy of the problem.

Let me explain error-checking to you - you take a component (like the one
discussed) and you ask yourself

1. Under what circumstances will this component perform as expected
This takes into account the component performing as documented, and also
user compliance with the component's intended functionality in the system.
2. Under what circumstances will the component NOT perform as expected
This takes into account the component NOT performing as documented
(including malfunctioning or being unavailable), and also the user's
behavior that is NOT compliant with the component's functionality in the
system (including user error and user deliberately defeating the intended
functiionality of the component).

These are the basic assumptions I make when error checking. Of course, on
the one extreme there is no error checking, on the other extreme you are
error checking for statistically insignificant errors. A good programmer
finds that happy median in the middle. It's a zen thing.

YOU are making the assumption that, for this component to be useful based
upon a narrow interpretation of what I wrote, that there is no error
checking, and that this is the ONLY method of security and that the
component must always provide the user's location consistantly and that its
INTENDED purpose is never defeated by the user.

*I* make the assumption that both #1 and #2 must be addressed, and that this
is inherent in the use of any component. You, on the other hand, make as
narrow-minded an interpretation of what I've written as you can so that you
can feel better about yourself as a programmer.


You better not be my programmer.
You would never be a member of one of my programming teams. You are not
concerend with end-result.

I have had enough of this.
That much is clear.

--
Evertjan.
The Netherlands.
(Replace all crosses with dots in my emailaddress)

Jul 22 '05 #26

P: n/a

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
:

Okay, so now your security relies on an ISP entering information into
a PTR record that you can refer to, then possibly adapt in some other


No, I'm saying that ONE aspect of my security uses this. My security does
not RELY on this.

Jul 22 '05 #27

P: n/a

"Pat Phelan" <ph********@bam.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl...
I find this discussion amusing, since my desktop would be an abomination


Isn't that a line from a Dilbert cartoon? "The unspeakable abominations from
my desktop..."


Jul 22 '05 #28

P: n/a
On Wed, 13 Apr 2005 14:21:58 -0400, "Victor" <bl***@blank.com> wrote:

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
:

Okay, so now your security relies on an ISP entering information into
a PTR record that you can refer to, then possibly adapt in some other


No, I'm saying that ONE aspect of my security uses this. My security does
not RELY on this.


I'm still puzzling how it could even be a part of a security test,
since it is so highly inaccurate and depends on information you can't
guarantee is correct. Let's say I edit my PTR records to point to the
town you expect the person I'm impersonating to be from, does that
improve my chances of bypassing your security?

I equate this with a security guard at a bank. Since many bank
employees wear white shirts, is there any realistic reason the guard
should use a white shirt as an indicator of access level? There will
likely be non-employees wearing white shirts, there may be employees
wearing colored shirts and there is nothing to prevent the bank robber
from wearing a white shirt.

Jeff
Jul 22 '05 #29

P: n/a
On Wed, 13 Apr 2005 14:03:53 -0400, "Victor" <bl***@blank.com> wrote:

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:
>
>"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
>news:OX*************@TK2MSFTNGP09.phx.gbl...
>> there is no guaranteed way of doing this...
>> Best you can do it get the users IP and do some geo-lookups but eventhese >> aren't accurate, they will only get you a location for the users ISP at
>> best.....
>
>That's the old way.
>
>Most reverse DNSs now give you the domain not of the ISP, but of theuser's >internet connection location to the ISP, which then needs to be decoded
>(which is what I'm asking for) to give you the town.


Reverse DNS gets you whatever is entered in the in-addr.arpa reverse
domain for the zone. It may be an indicator of location, it may not.

Now, how do you get my country and town when I dial into a Canadian
ISP from here in the US?


Like I wrote, I get the location of the Canadian ISP connection (duh), which
is exactly what I was telling you when I wrote that you get "the user's
internet connection to the ISP". Do you need me to explain that more fully
to you?


I understand you, and your explanation. What I don't understand is
how the Canadian ISP location I dialed into equates in any way to
identifying me or my security access, since I only dialed the Canadian
number because my US ISP was busy for two hours straight.

Jeff
Jul 22 '05 #30

P: n/a
> Do you need me to explain that more fully to you?

Hard to explain anything from a killfile. *plonk*
Jul 22 '05 #31

P: n/a

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
On Wed, 13 Apr 2005 14:03:53 -0400, "Victor" <bl***@blank.com> wrote:

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
On Mon, 11 Apr 2005 15:37:38 -0400, "Victor" <bl***@blank.com> wrote:

>
>"Curt_C [MVP]" <software_AT_darkfalz.com> wrote in message
>news:OX*************@TK2MSFTNGP09.phx.gbl...
>> there is no guaranteed way of doing this...
>> Best you can do it get the users IP and do some geo-lookups but even

these
>> aren't accurate, they will only get you a location for the users ISP at >> best.....
>
>That's the old way.
>
>Most reverse DNSs now give you the domain not of the ISP, but of the

user's
>internet connection location to the ISP, which then needs to be decoded >(which is what I'm asking for) to give you the town.

Reverse DNS gets you whatever is entered in the in-addr.arpa reverse
domain for the zone. It may be an indicator of location, it may not.

Now, how do you get my country and town when I dial into a Canadian
ISP from here in the US?


Like I wrote, I get the location of the Canadian ISP connection (duh), whichis exactly what I was telling you when I wrote that you get "the user's
internet connection to the ISP". Do you need me to explain that more fullyto you?


I understand you, and your explanation. What I don't understand is
how the Canadian ISP location I dialed into equates in any way to
identifying me or my security access, since I only dialed the Canadian
number because my US ISP was busy for two hours straight.


For the situation you mention above... hmmm... O.K., I guess I'll have to
handle it by tracking some users with a persistent cookie.

in pseudoCode,

' So, when the user logs in the very first time,
IF GeoBytesLocation <> "undefined", and other security stuff is valid,
THEN set persistant cookie and record browser ID
END IF

'On subsequent login,

IF the GeoBytesLocation is within xxx miles, and other security stuff is
valid,
THEN it's O.K., and set cookie
Log them in
ELSE 'it's outside of xxx miles
check if it's been X hours since login 'maybe they're travelling?
check if "Proxy Network" '(AOL, MSN, etc)
check for cookie
do other non-geographic security stuff
make decision if it's O.K.
END IF

This is going to depend upon other stuff as well, since some users delete
all their cookies on a regular basis.

Jul 22 '05 #32

P: n/a

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
On Wed, 13 Apr 2005 14:21:58 -0400, "Victor" <bl***@blank.com> wrote:

"Jeff Cochran" <je*********@zina.com> wrote in message
news:42***************@msnews.microsoft.com...
:

Okay, so now your security relies on an ISP entering information into
a PTR record that you can refer to, then possibly adapt in some other


No, I'm saying that ONE aspect of my security uses this. My security does
not RELY on this.


I'm still puzzling how it could even be a part of a security test,
since it is so highly inaccurate and depends on information you can't
guarantee is correct. Let's say I edit my PTR records to point to the
town you expect the person I'm impersonating to be from, does that
improve my chances of bypassing your security?

I equate this with a security guard at a bank. Since many bank
employees wear white shirts, is there any realistic reason the guard
should use a white shirt as an indicator of access level? There will
likely be non-employees wearing white shirts, there may be employees
wearing colored shirts and there is nothing to prevent the bank robber
from wearing a white shirt.


These are good questions. From what I can see from GeoBytes, there's a
variable that gives you a percent of certainty of the location. For example,
if I access using Comcast Cable, or Verizon DSL, it will give me a location
with a certainty of 98%. If I access using AOL, it may give me a certainty
of 20%. An AT&T dialup might give me a certainty of 85% for the dialup
location while also setting one of the proxy bits telling me that could have
dialed up from anywhere in the world to that location.

The real issue for me is properly coding in the LOGIC to take this stuff
into account (by considering the objections I'm reading here).


Jul 22 '05 #33

This discussion thread is closed

Replies have been disabled for this discussion.