This page has been archived and is no longer updated

 
Bioscience eLearning
Subscribe To Scitable Forum Topic
Email
January 25, 2011 | By:  Nick Morris
Aa Aa Aa

Do you speak my language: I is for Injection, IP address, IMAP...

I is for Injection, IP address, IMAP...


Thin pickings for I, but I will go with IP address.


IP addresses (Internet Protocol addresses) are dead boring, but also very useful. You can use IP addresses in your teaching to decide how your web-server should respond to requests for information (see .hataccess files in H - Do you speak my language: H is for htaccess, hacker, host, http, https, html, hardware).


What is an IP address?

We are all used to web-addresses that look like http://www.nature.com. However, computers don't use addresses such as http://www.nature.com they use the IP addresses.


An IP address is a unique numerical identifier for your computer. An IP address usually takes the readable form of 123.456.789.123 (this is a 32 bit version 4 address), and there is also a new version 6 address format currently being rolled out as we are about to run out of available version 4 numbers.


As each computer (or device) on the Internet has a unique IP address (hence the reason we are running out), you can use IP addresses to identify users by machine and location.


Using IP addresses in your teaching

The useful thing about IP addresses is they have geographical locations associated with them. What I mean by that is all the machines in a given area will have similar IP addresses so you can screen out (or screen in) access to resources. For example, if your campus has all 128.240.xxx.xxx addresses then you could only allow access to specific resources to people using a computer with a 128.240.xxx.xxx address as those people are either on campus or connected to campus using, for example, vpn (see V in this series). (There are also 'private' IP addresses. These are addresses that never get on to the Internet and are only used on 'local' machines on the same 'local' network. Screening for such 'private' IP addresses can be a great way of limiting access to local users.)


By setting your .hataccess file (see H - Do you speak my language: H is for htaccess, hacker, host, http, https, html, hardware) correctly you can filter access by IP address so you can control who does, and who does not, have access to pages on your server.


Static v. Non-static IP addresses

One note of caution with IP addresses (or a bonus depending on your point of view). IP addresses can be static or non-static. What I mean by this is your local system admin (IT) guys may assign a specific IP address to your machine that it uses all the time, or your machine may be assigned a new IP address, from a pool of suitable IP addresses, each time it connects to the local network.


The plus side of static IP addresses is it is dead easy to set up a local server as you can connect the server to the local network and 'publicise' the server address to your students as http://123.456.789.123 (where 123.456.789.123 is your static IP address). In addition, with static IP addresses you alway know that a machine that connected to your server with an address of, say, 123.456.789.231, is always the machine at bench 6 in the local cluster. A very handy check for controlling access and monitoring interactions with, for example, an assessment system.


Non-static (changeable) IP addresses make it more tricky to set-up a local server (but it can be done), and you cannot guarantee that a particular IP address is associated with a particular machine at any given time. (However, the 'geographical'/on-campus rule discussed above will still apply.)


The other Is in the list:


Injection: In this context I am referring to the addition of data (normally for the wrong reasons) to a stream of data. The most well known examples of this occurs in online forms that post information to a database (see D - Do you speak my language: D is for Database, debug, DNS). The user adds a few lines of database code to the end of the information on the form and when this form is received and processed by the server the additional database code is run. This can result in the database being being corrupted or destroyed. Guarding against such an attack is possible by making sure data sent to the system is checked for such 'tricks'.


IMAP: A really useful email protocol which means that mail messages are synchronised between different machines as the mail message remains on the server (see S in the series).


Protein: 3LOH


0 Comment
Blogger Profiles
Recent Posts

« Prev Next »

Connect
Connect Send a message

Scitable by Nature Education Nature Education Home Learn More About Faculty Page Students Page Feedback


Blogs