Also, not sure how I match an entry in an Apache log to an individual user putting a transaction through the application. so if I have thousands of users a day, how do I know which is which IP?
Ann Todd Lyons wrote: > On Thu, Jul 5, 2012 at 6:39 PM, Randall Whitman <909li...@whizman.com> wrote: > >>> Any way to "capture" the ip address from the http request or something >>> like that? It is a java application running under tomcat with apache as >>> the web server. >>> >> By default, the client IP address is the first field of the Apache >> access log file. A clever attacker will spoof it, else use a >> compromised botnet rather than one's own machines. >> > > I'll nitpick a little here. You can't spoof the endpoint of a valid > TCP connection. They may proxy it through some open proxy, but it > will be the IP of the proxy, and most proxies, even open proxies, will > add a HTTP header that indicates what IP it's proxying for. > > ...Todd > -- Ann Richmond ---------------- Randr Inc 951-369-3427 951-787-8683 Fax www.randrinc.com
_______________________________________________ LinuxUsers mailing list LinuxUsers@socallinux.org http://socallinux.org/cgi-bin/mailman/listinfo/linuxusers