WebApp Sec mailing list archives
Re: Web site cookie overload?
From: Nick Seward <nseward () cscn com>
Date: Tue, 25 Jan 2005 09:36:17 +0000
Alexander Klimov wrote:
What if a website doesn't use logins to track visitors? Granted unique IP's are not always unique as you have mentioned. What would be the best way to track these visitors?On Wed, 19 Jan 2005, Nick wrote:Most sites will not use cookies as a way of counting the number of visitors since they are unreliable just like you mentioned. Instead they would track the number of unique ip addresses that access their website. This would then be the total number of unique visitors to their site which is much more reliable then a cookie count.As was said many times before, unique IPs are by no means indicate unique users: whole company could be behind a single proxy (1 IP for many users) and due to dynamic IPs implemented by most ISPs a single user could have multiple IPs (1 user many IP). If a website wants to make any real counting of its users it can implement some kind of sign on service (with UID and password) so that users be interested in storing cookies in order to avoid relogins.
Nick
Current thread:
- Web site cookie overload? Richard M. Smith (Jan 19)
- Re: Web site cookie overload? Nick (Jan 23)
- Re: Web site cookie overload? Griffiths, Ian (Jan 24)
- RE: Web site cookie overload? Richard M. Smith (Jan 24)
- Re: Web site cookie overload? Alexander Klimov (Jan 27)
- Re: Web site cookie overload? Nick Seward (Jan 27)
- Re: Web site cookie overload? Alexander Klimov (Jan 27)
- Re: Web site cookie overload? Griffiths, Ian (Jan 24)
- Re: Web site cookie overload? Nick (Jan 23)