fishScript.com d
Home| Progetto| Web| Faq| Acronimi

Argomenti

Documenti pubblicabili:1120
Scripts:1282
Documenti non pubblicabili:162
Categorie tematiche:68
.Net
   |_C#
   |_Visual basic.net
   |_Asp.net
Active Server Pages
C++
Cascade Style Sheet
JavaScript
Mysql
Php
Xml
Java
   |_Java 2 Micro Edition
   |_Java server pages
   |_Java Servlet
Oracle
   |_PLSQL
PostgreSQL
Unix





PLSQL... Script: Errori
Shell scripting... Script: Debug shell program

A User Agent, like a web browser, uses HTTP to request a HTML document



In programming the danger of exploring the small details of coding is that you get obsessed with every line of code you write, thereby greatly reducing productivity.
In general, is not worth obsessing over code.
On the other hand you should code with deliberation and intent. Steven Feurstein Oracle Magazine July /August 2004

A User Agent, like a web browser, uses HTTP to request a HTML document

Documents

Home >Security > How safe is restriction by IP address or domain name?

Stampa  Stampa


Restriction by IP address is secure against casual nosiness but not against a determined hacker. There are several ways around IP address restrictions. With the proper equipment and software, a hacker can "spoof" his IP address, making it seem as if he's connecting from a location different from his real one. Nor is there any guarantee that the person contacting your server from an authorized host is in fact the person you think he is. The remote host may have been broken into and is being used as a front. To be safe, IP address restriction must be combined with something that checks the identity of the user, such as a check for user name and password.
IP address restriction can be made much safer by running your server behind a firewall machine that is capable of detecting and rejecting attempts at spoofing IP addresses. Such detection works best for intercepting packets from the outside world that claim to be from trusted machines on your internal network.

One thing to be aware of is that if a browser is set to use a proxy server to fetch documents, then your server will only know about the IP address of the proxy, not the real user's. This means that if the proxy is in a trusted domain, anyone can use that proxy to access your site. Unless you know that you can trust a particular proxy to do its own restriction, don't add the IP address of a proxy (or a domain containing a proxy server) to the list of authorized addresses.

Restriction by host or domain name has the same risks as restriction by IP address, but also suffers from the risk of "DNS spoofing", an attack in which your server is temporarily fooled into thinking that a trusted host name belongs to an alien IP address. To lessen that risk, some servers can be configured to do an extra DNS lookup for each client. After translating the IP address of the incoming request to a host name, the server uses the DNS to translate from the host name back to the IP address. If the two addresses don't match, the access is forbidden. See below for instructions on enabling this feature in NCSA's httpd




Warning: include(ads/text468x15.html): failed to open stream: No such file or directory in D:\inetpub\webs\fishscriptcom\documents\view_document.php on line 131

Warning: include(): Failed opening 'ads/text468x15.html' for inclusion (include_path='.;C:\php\pear') in D:\inetpub\webs\fishscriptcom\documents\view_document.php on line 131


signal Marco Magnani marcomagnani@fishscript.com



Cerca





Anger is creative, depression is useless.
Dyson, Freeman J.


Anger is creative, depression is useless.
Dyson, Freeman J.


Security... Citazioni: Sicurezza

Security... Definizioni: MD4, MD5 and SHA-1

Oracle... Definizioni: Schema


Shell scripting... Script: Ciclo sul contenuto directory



fishScript.Com is accessible by Mobile access technology as mobile phones, Palm and Pocket PC .

Nicoleta e Marco Magnani tutorial, examples, courses, esempi, corsi, esercizi, appunti vari Dottoressa Nicoleta Dragu Formatrice Docente Insegnante Mediatrice Culturale Dott. Marco Magnani Universita La Sapienza Roma Master Computer Science Hunter College New York , Data Base Administrator DBA oracle System architect

Last modified: 2017-11-30 amministratore@fishscript.comNico and Marco Magnani Software Production
Home|About this Site © 2003-2008 www.fishScript.com ®