Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


1220 posts

Uber Geek
+1 received by user: 58


Topic # 55946 11-Jan-2010 08:58
Send private message

Just trying to work out, when I am on a website, ie on here, what part of my system tells the website my IP address?

I'm running Vista on its standard settings and using Vodafone mobile broadband.

Is it my PC or the vodem choosing the IP?

I would have thought that in standard form my PC has a dynamic IP address, so in this case, how can a website, ie geekzone, tell its me each time I go to the site?

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
Professional yak shaver
1599 posts

Uber Geek
+1 received by user: 8

Trusted
BitSignal
Subscriber

  Reply # 288855 11-Jan-2010 09:04
Send private message

The website server detects your IP address, and Geekzone uses cookies to know you are you.




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown

BDFL - Memuneh
60605 posts

Uber Geek
+1 received by user: 11538

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 288858 11-Jan-2010 09:08
Send private message

Cookies are text files (not malware as some want you to believe) which can be stored on your computer by a web browser, or request.

When a session is initiated the server puts a cookie on your computer and automatically track it to keep the session open. We also store cookies on your computer if you select the option to automatically login - your username and password are stored there so your browser automatically sends this to the server when visiting the site.







1220 posts

Uber Geek
+1 received by user: 58


  Reply # 288860 11-Jan-2010 09:13
Send private message

magu: The website server detects your IP address


And where does this address come from? Is it from my PC independantly of whichever company I use to access the internet?

Professional yak shaver
1599 posts

Uber Geek
+1 received by user: 8

Trusted
BitSignal
Subscriber

  Reply # 288862 11-Jan-2010 09:14
Send private message

It will most likely be the IP address your ISP gives you.


EDIT: WOOT! Post #600!




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown

268 posts

Ultimate Geek


  Reply # 288868 11-Jan-2010 09:25
Send private message

Password in the cookie? I hope geekzone is well tested for XSS vulnerabilities!

16 posts

Geek


  Reply # 288870 11-Jan-2010 09:29
Send private message

Hi,
It is generally not your system per se that is telling a website your IP address. The TCP/IP packet that the website recieves includes your IP address as part of the information contained in it (well actually the external IP address of your modem/router/gateway). The IP address is actually assigned by your broadband provider (generally dynamically, but can be static) - you have little or no control over the extenal IP address. As for how a website knows who you are, generally it is from a "cookie" that is stored on you PC and contains information that the website can use to "track" you.



Edmund

Professional yak shaver
1599 posts

Uber Geek
+1 received by user: 8

Trusted
BitSignal
Subscriber

  Reply # 288871 11-Jan-2010 09:31
Send private message

friedCrumpet: Password in the cookie? I hope geekzone is well tested for XSS vulnerabilities!



Thanks for pointing that out! Went to my Cookie storage and saw my password in plain-text!


Big no-no!


Use a hash at a minimum.




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown



1220 posts

Uber Geek
+1 received by user: 58


  Reply # 288872 11-Jan-2010 09:39
Send private message

Damn it, it did that thing where I write a reply and click post reply, and instead it goes back to the forum homepage. Wish I knew why it did that. Keep wasting time writing replies and they get deleted. I try to copy text to clipboard before submitting but sometimes, like this time, I forget.

So changing from VF to Telecom broadband or vice versa, means that (any) website visited will have no clue who you are, there will be no other form of ID that gives the game away you are in fact the same person?

In this scenario do the cookies obtained during previous ISP still work, or will they be replaced with new ones and passwords, etc need to be entered again?

Professional yak shaver
1599 posts

Uber Geek
+1 received by user: 8

Trusted
BitSignal
Subscriber

  Reply # 288873 11-Jan-2010 09:40
Send private message

They *should* still work. Some websites may not, however, based on the change of IP addresses.




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown

BDFL - Memuneh
60605 posts

Uber Geek
+1 received by user: 11538

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 288874 11-Jan-2010 09:42
Send private message

friedCrumpet: Password in the cookie? I hope geekzone is well tested for XSS vulnerabilities!


Do you worry about Trade Me? They store passwords in plain text too...





Professional yak shaver
1599 posts

Uber Geek
+1 received by user: 8

Trusted
BitSignal
Subscriber

  Reply # 288875 11-Jan-2010 09:44
Send private message

freitasm:
friedCrumpet: Password in the cookie? I hope geekzone is well tested for XSS vulnerabilities!


Do you worry about Trade Me? They store passwords in plain text too...




Oh OK, then. Since they're doing it as well, it must be fine, right? ;D




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown

268 posts

Ultimate Geek


  Reply # 288876 11-Jan-2010 09:44
Send private message

freitasm:
friedCrumpet: Password in the cookie? I hope geekzone is well tested for XSS vulnerabilities!


Do you worry about Trade Me? They store passwords in plain text too...



Two wrongs don't make a right.

16 posts

Geek


  Reply # 288877 11-Jan-2010 09:46
Send private message

Don't allow auto login generally solves the problem. It is convenient but.....

BDFL - Memuneh
60605 posts

Uber Geek
+1 received by user: 11538

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 288878 11-Jan-2010 09:46
Send private message

magu:
friedCrumpet: Password in the cookie? I hope geekzone is well tested for XSS vulnerabilities!


Thanks for pointing that out! Went to my Cookie storage and saw my password in plain-text!

Big no-no!

Use a hash at a minimum.


And how good would that be? Someone can steal the hash and still use it. The password is hashed and encrypted in our database, so the only way to be stolen is in your own PC or in transit during login.

Sensible password policy: use a different one for each website.





 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07


All or Nothing: New Zealand All Blacks arrives on Amazon Prime Video
Posted 2-Jun-2018 16:21


Innovation Grant, High Tech Awards and new USA office for Kiwi tech company SwipedOn
Posted 1-Jun-2018 20:54


Commerce Commission warns Apple for misleading consumers about their rights
Posted 30-May-2018 13:15


IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17


Stuff takes 100% ownership of Stuff Fibre
Posted 24-May-2018 19:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.