[Talk-GB] liam123's latest
david at frankieandshadow.com
Fri Sep 18 12:13:12 BST 2009
On 18/09/2009 11:52, Tom Hughes wrote:
>> Re IP addresses, it depends on how he is connected - mine for example
>> never changes so long as I am using the same Mac address to connect. It
>> is cited on the DWG page as one course of action, and I think it would
>> be more effective than banning the account, as we'll likely lose track
>> of him.
> Well bully for you. Now if the entire world is using the same ISP as you
> then everything will be fine.
Well, it seems a reasonable assumption to me that if my ISP does it this
way it might be quite a common practice. But apparently not, so I stand
corrected. Doesn't mean it's not worth looking at though - Virgin Media
is widely used.
>> It is trivial to get hold of the IP address - every HTTP request carries
>> it, though a serious hacker would forge or suppress it, I doubt he's
>> doing that - if he was not just playing, he'd be using multiple accounts.
> I'm not a complete muppet thank you. I know full well that every HTTP
> request has an IP address associated with it.
I didn't think you didn't, but you were the one who said it was hard.
> The problem is working out which HTTP requests are his! The web server
> access logs do not record the authenticated user for each request for
> the very simple reason that the web server has no idea as that is a
> rails level issue.
> The rails logs also do not log the user details, although they probably
> could be made to. It would be on a separate line to the IP address
> however which makes pulling them out much harder.
I was thinking more along the lines of recording the IP address along
with the other changeset information (but not, presumably, exposing it
in the API) - after all, that's what the information is wanted in
relation to, and it would allow us to see how the address is changing
for any particular user.
I'm sorry if I seem frustrated by this, but it is because I am. We've
all spent thousands of hours each on this, and this guy is undermining
everything we've all done. Even though it's not my area (though close),
it completely destroys any confidence anyone might have in what they see
More information about the Talk-GB