Tracking Users By IP Address

Bryan Olson fakeaddress at nowhere.org
Fri Oct 8 04:32:34 CEST 2004


Nick Craig-Wood wrote:
 > Paul McNett <p at ulmcnett.com> wrote:
 >> I'd say "negligibly few", since there really isn't good reason
 >> to give the world your internal ip address. Anyway, you can't
 >> count on it, and you wouldn't have a basis to know what
 >> percentage weren't unique.
 >
 > An awful lot of proxies do do exactly that (I used this technique
 > before).
 >
 > HTTP_X_FORWARDED_FOR and REMOTE_ADDR are the headers you want

Many open proxies do that to avoid being bad net-citizens.  It
is not common practice for NAT gateways and enterprise proxies.

 > Its not safe to use this as a unique address for a user but if
 > you are interested in exactly where your users are (for fraud
 > checking purposes) its a useful technique.

It can detect fraud, but there are enough transparent proxies
that it cannot detect absence of fraud.


-- 
--Bryan



More information about the Python-list mailing list