This is an email (from an ASP mailing list called 4guysfromrolla.com) which discusses checking where a user is from. Hope it helps.
One question that is often asked on the ASPMessageboard is: "How can I determine where someone is located, by grabbing their IP, either so the page can be personalized for their state/country, or so that I can authenticate them, and make sure that they aren’t giving away their username/password combo to my pay-to-use site?"

The answer is, You can (to some extent), and you can’t. You can get the IP of a client requesting a page from your site using Request.ServerVariables("REMOTE_ADDR") on your page.

If what you want is national, (or continental) distinction, that is fairly well mapped out. The University of California at Berkeley maintains a database of every IP block, mapped to the countries that they have been assigned to by ARIN, RIPE, and APNIC. As of this writing, I don't know where a copy of this database may be obtained, as the only site that I knew to offer it (http://geo-ip.com) appears to be off-line. However, if you can find it, it is considered the authoritative source for current IP block assignments.

Another option that you as a web programmer have, would be to go to the same source as Berkeley, and use the XMLHTTP component to query ARIN, RIPE, and APNIC for the source of a given IP on the fly. One of the benefits of this option would be that you would have a maintenance free method, that would always be up-to-date, whereas the Berkeley DB must be updated every month in order to stay current. (For more information on the XMLHTTP component be sure to check out this FAQ.)

If you choose to use the REMOTE_ADDR server variable, you can be fairly certain that the IP that you recover accurately represents the nation of origin of that user. It is fairly uncommon for a user to be accessing the Internet from outside of the country that he is currently in, with a few notable exceptions, such as those who choose to surf through an anonymous proxy server, such as is discussed below.
If, however, you want to get the state that a user is coming from, or authenticate the identity of a user, you're out of luck as far as any even remotely reliable method is concerned. You see, IPs are assigned to users in a variety of different ways, and not all of these ways indicate the originating location of that user, or who the actual end user is.

Many computers, particularly those that are networked, do not access the Internet directly. They use an intermediary, known as a proxy server. Say for instance, you have two workstations, with IPs of 192.168.0.2, and 192.168.0.3, and a proxy server with an IP of 211.58.61.10. If user 192.168.0.2 were to request a webpage, say, www.yoursite.com, that request will go to the proxy server, which will, in turn, query www.yoursite.com. Then, yoursite.com will get the page request from the proxy server (211.58.61.10) and will send the page back to that address, which will then determine that the page should be sent to 192.168.0.2. If 192.168.0.3 were to request that same page, the same sequence will occur. Yoursite.com will still get the page request from 211.58.61.10, (the proxy server IP) and then the proxy server, after again receiving the page from your server, will determine that this time, the contents of that page need to be delivered back to 192.168.0.3.

Even if you could see the originating machines, (though you now see that in this situation you can’t) it would be useless, because most users in this sort of a scenario don’t have a unique IP, if any IP at all! Because there are only a limited number of IPs, several blocks have been set aside as non-routable, for use in internal networks, and can be used by many, many networks at once. One of the blocks is the 192.168.x.x. This means, that there are probably hundreds, if not thousands of computers at any given moment that have been assigned the address of 192.168.0.1, or 192.168.0.2!
There are also many large corporate networks, (although fewer than in the past) using Novell, or other NOS’es that don’t even assign IPs to the clients, but instead use the network card’s MAC address as the unique identifier. It would be pretty hard to get the IP of a computer that doesn’t even have one!

Well you say, My users aren't corporate users, they are people dialing up from home. That's well and good, but corporate users are not the only network clients that utilize this kind of setup. AOL uses the same scheme! So, if you have two clients dialing-up via their AOL accounts, one from Minnesota, and one from California, you may very well see the same IP for both of them! You are, in fact, limited to only a few thousand IPs for all of AOL's thirty-plus million users. To confound you further, they will both appear to be residents of Reston, Virginia, because that is where all of AOL's proxy servers are located.

Another proxy issue, is that of anonymous proxies. Some people, for privacy reasons, choose to access the Internet through anonymous proxy servers such as the service offered by anonymizer.com, so that their travels around the Internet cannot be tracked. Regardless of the method by which they access the internet, the only IP that you will get will be the IP of the anonymous proxy server, which will resolve to the location of that proxy server, regardless of where the client is located.

A common follow-up question, once you have learned that you can't uniquely identify users by IP is: If I can't use an IP, how can I get the MAC address, and use that to identify clients? Again: You can't. The MAC address of the originating machine is only passed to the next point in the network connection, not to the end of the chain, along with the IP. (See RFC 1180 for a more detailed look at how this works.) In fact, if the client is using a modem and a dial-up connection, he doesn't even have a MAC address.
Modems don't need them, because they utilize a point-to-point connection. The only time that you could strip the client's MAC address from the packets that the server receives, would be if the client was directly connected to the server with an Ethernet cross-over cable. You could also, most likely resolve an IP to a MAC address on a shared Ethernet LAN, but not on the Internet, via ASP.

To sum up, ASP, and in fact, the Internet itself are simply not designed to be able to provide absolute identification of users. If you really need to know the location of your users, the best way is to ask them. I promise. If this way is good enough for the big boys, like MSNBC.com and CNN.com, it'll be good enough for your site.

Happy Programming!

-----Original Message-----
From: Paul Hastings [mailto:[EMAIL PROTECTED]]
Sent: 09 January 2002 19:24
To: CF-Talk
Subject: Re: tracing where users are from

> Does anyone know if there is a way (using cf) to check where users are from?
> (like country) I know you can do this with a program like web trends but I
> wonder if there is a more practical way to do this. (run a traceroute dos
> command via cf perhaps?)

not exactly cf but www.geobutton.com works most of the time...
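
The country-by-block lookup and the non-routable address check discussed in the forwarded article above, as an added Python example (not part of the original email or the article it forwards). The block table and country labels are constructed sample data, `build_index`, `locate` and `server_view` are hypothetical names, and the input is the string a page would read from REMOTE_ADDR.

```python
import bisect
import ipaddress

# Constructed sample table, NOT real registry data: (block, country label).
SAMPLE_BLOCKS = [
    ("198.51.100.0/24", "Country-A"),
    ("203.0.113.0/24", "Country-B"),
    ("211.58.61.0/24", "Country-C"),  # holds the article's example proxy address
]

# RFC 1918 blocks: reused by many internal networks, so never unique to a user.
NON_ROUTABLE = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def build_index(blocks):
    """Turn CIDR blocks into sorted (first, last, label) rows for binary search."""
    rows = sorted(
        (int(net.network_address), int(net.broadcast_address), label)
        for net, label in ((ipaddress.ip_network(c), l) for c, l in blocks)
    )
    return [r[0] for r in rows], rows


INDEX = build_index(SAMPLE_BLOCKS)


def locate(remote_addr, index=INDEX):
    """Return a country label, 'non-routable', 'unknown' or 'invalid'."""
    try:
        ip = ipaddress.ip_address(remote_addr.strip())
    except ValueError:
        return "invalid"
    if ip.version != 4:
        return "unknown"  # the sample table only covers IPv4
    if any(ip in net for net in NON_ROUTABLE):
        return "non-routable"
    starts, rows = index
    pos = bisect.bisect_right(starts, int(ip)) - 1
    if pos >= 0 and rows[pos][0] <= int(ip) <= rows[pos][1]:
        return rows[pos][2]
    return "unknown"


def server_view(requests, index=INDEX):
    """Group (client, remote_addr) pairs by what the web server can actually see."""
    seen = {}
    for client, remote_addr in requests:
        seen.setdefault((remote_addr, locate(remote_addr, index)), []).append(client)
    return seen
```

Passing the article's two workstations with the proxy address as REMOTE_ADDR to `server_view` yields a single entry: the server can place the proxy's block but cannot tell the two clients apart.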