sir, your page has an invalid argument....

perhaps its just my firewall(S), but your script doesnt come close to identifying me....


it shows my ip as 3 routers away from my actual address...

I would be happy to help you to fix this, if you care

also, my recommendation.... dont who the absolute path to your servers directories on that page... man, that is just asking for me(or others) to go poking at your system files.... and since you dont have even close to my real Ip address, wth, why not try to hack you? (ok, well, I am not a hacker)

first rule of thumb in webdev... hide the real paths, always. if you dont believe that, well , thats your call, and I have nothing else to tell you.

(just imho and trying to offer a kind gesture) -- shareware scripts that tell you user stats are fun, but dont use them all -- it reveals too much about your host

I wont get involved, though, you really should send PeOfEo a private message rather than tell the entire community. ;)

Regards.

buntine, yes, you are right... but I dont accept PM's so it didnt cross my mind. he puts it in his signiture though, so its not like its hidden info.

btw, sorry I typoed your name

That ip is the ip of your router. It is a server side script, it gets the ip the internet sees, not your local ip. Infact what am I supposed to do with your local ip, it would be pointless for me to log it because it can be changed. The only way I am going to be able to get that from the server that I know of is with SSL. Also, that is running from my home computer, it is kind of obvious where inetpub is, I can change the root dir from wwwroot but I am too lazy and that is the first place a person would look anyway. If I am on IIS5 my door is open anyway so why not show the path, it does not give a hacker any more advantage. The only time I might mask it is if I had it running from an alternate drive, but I do not right now. Which may change. Anyways I fail to see how knowing my path would aid a hacker in getting into my system files anyway, Id be more at risk from them port scanning me or something. I am my worst danger as me accidentally downloading mp3.exe from kazaa is a bigger threat then some awesome hacker because that is more apt to happen. I am not worried too much about a hacker... I have nothing of value in there and my stuff is backed up. Hackers can't really phase me as I reformat pretty regularly anyway.
Also, if you had a proxy I would be basically sol too, I mean there is no way to prevent a user from masking their ip with a proxy, infact I do it quite often, www.anproxy.com to vote on polls several thousand times, get around ip bans, spam message board, and do other stuff where I can get around precautions that realy on my ip... just when I am borde really. Also I would be sol using ssl to get an ip if the user is behind an ssl proxy would I not?

windows xp security, especially true when the user is running iis5 (http://quasi-ke.servebeer.com/xpsecurity.jpg)