Toni wrote on Mon, 15 Jun 2009 12:19:32 -0400:
"Daniel Crichton" wrote...
THANK YOU for this list - it is what I was looking for - I am going to
start logging this information so I can look for patterns.
To get back to your original post: AOL dialup has gone the way of the
dinosaur, it is non-existent. As far as AOL broadband, I can speak to
a membership site I have with thousands of users and none are from
This is the first post I've made in this thread - and I never mentioned AOL
And I run 6 e-commerce sites, and we have loads of AOL users. Plus I have
run a few forum sites, and there are plenty on those too.
Second, the IP address that is as close to the visitor as possible, is
the one I want. I need to uniquely identify certain visitors, partly to
country of origin. I do a reverse DNS to identify them and the COMPANY
they are from.
Reverse DNS is not very efficient from a performance point of view. I use a
Geo IP database to determine the country of origin, this is much faster than
reverse DNS and I have it automatically updated on a daily basis.
One example is I'm working with a very large company to put information
on the web that is only accessible to their employees. I need to uniquely
identify their employees, and I can partially do this via the companies
registered range of IP addresses. (Their IT department is totally
uncooperative - they consider themselves "keepers of the secrets"
and refuse to discuss how their network works, even with corporate
execs, which is one reason why I've been contracted to do this)
Personally I would suggest to that IT department that they consider the use
of client side certificates, or a VLAN where the access can be controlled
much more closely. Relying on IP addresses alone is often the start of a
recipe for disaster. I'm assuming that you're also using client login
credentials on this site, and using NTLM/Kerberos as opposed to Basic auth,
along with SSL to help prevent sniffing login credentials over the wire?
Daniel, thank you for the thoroughness of your answer - it is clear to
me that you understand the subject. I've learned a lot.
Glad to hear I could help. I've spent 14 years building e-commerce sites for
the company I work for, and the past 4 years running my own forum sites, and
I've picked up a lot in that time. The IP tracking I do is mostly for the
e-commerce systems to help identify country of origin as part of the fraud
checks on ordering, and also to flag up potential known fraudsters - I don't
block just on the IP address, but flagging orders for further manual checks
goes a long way to helping combat fraud.