On Tue, 19 Nov 2002, Lucian Daniel Kafka wrote: > At 12:53 PM 19/11/2002 +1100, you wrote: > > > >On Tue, 19 Nov 2002, Saints Support wrote: > > > > > I mean I know we all complained about the security of the .au DB and yes > > > I had my fair share of moans. > > > > > > But when it comes down to it. Using a Shared Proxy server like telstra's > > > IP Address '165.228.129.11' has been blacklisted. This will be reset in > > > 1 hour. > > Perhaps Ausregistry should do blacklist usage accounting on the > HTTP_X_FORWARDED_FOR IP and not the proxy REMOTE_SERVER IP. That'd work fine till some scumbag figured out that putting in a header with random HTTP_X_FORWARDED_FOR values allowed them to create a rather large hole through the restrictions :-( In other words, the HTTP_X_FORWARDED_FOR is user-suplied data - it's not to be trusted. Neale.Received on Fri Oct 03 2003 - 00:00:00 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:06 UTC