HI André, You are right, there is a hole there. However, it won't be a problem for me. Basically, I want to detect if the same IP creates so many sessions that in the same time 200 sessions exist and belong to is (the sessions live about 30 min each). My site doesn't have much traffic, usually there are between 10 and 20 sessions and many of them belong to crawlers. So if at a certain point there 200 concurrent sessions belonging to the same IP, most likely they actually belong to the same host and not to many hosts behind a proxy. Thanks for the comment!
On Mon, Oct 1, 2012 at 3:45 AM, André Warnier <a...@ice-sa.com> wrote: > Brian Braun wrote: > >> Hi Constantine, >> >> 1- I had almost decided to program a filter. However, I have found this >> solution: >> http://stackoverflow.com/**questions/3679465/find-number-** >> of-active-sessions-created-**from-a-given-client-ip/**3679783#3679783<http://stackoverflow.com/questions/3679465/find-number-of-active-sessions-created-from-a-given-client-ip/3679783#3679783> >> What do you think about it? I havent tried it yet, but as far as I can >> tell >> it looks good. It would help me to know how many sessions exist for a >> certain IP. Knowing that, I could deny more sessions for that IP (even >> though the procedure to deny is not included in this code). >> >> Just want to point out a possible hole in the logic. > If there are a number of potential (legitimate and illegitimate) clients > located within the same corporate LAN, and these clients all access the > Internet through say a corporate proxy, all these request will look to your > server as originating from the same IP address. > So you could be denying more than you wish. > > However, their origin /port/ should be different, so you might want to > include that in your filter, inaddition to the IP address. > > > ------------------------------**------------------------------**--------- > To unsubscribe, e-mail: > users-unsubscribe@tomcat.**apache.org<users-unsubscr...@tomcat.apache.org> > For additional commands, e-mail: users-h...@tomcat.apache.org > >
