什么识别信息网站捕捉? [英] What identifying information can a website capture?

查看:101
本文介绍了什么识别信息网站捕捉?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如果一个网站的所有者希望跟踪谁是自己的用户尽可能地,也能捕捉些什么东西(以及如何)。你可能想知道这件事,以捕捉您创建或网站的信息,为用户,为的 prevent 的从你捕获数据的网站。

下面是一个首发名单,但我敢肯定,我已经错过了一些重要的:


  1. 推荐人(什么网页,不得不跟着你到这里的链接)。这是一个HTTP标头。

  2. 您是从浏览本机的IP地址。这是可用的HTTP标头。

  3. 用户代理(你使用的是什么浏览器)。这是一个HTTP标头。

  4. 饼干放在一个previous访问。这是一个首部,仅当一个cookie前面放置并没有被用户删除。

  5. 的Flash Cookie的放置在previous访问。有些用户关闭cookies,但的非常的很少有人知道如何关闭闪光灯饼干。就像一个正常的饼干,虽然这取决于闪存。

  6. 网络臭虫。将小东西(如一个透明的单像素GIF)这是一个从第三方服务在页面上。有些第三方(如DoubleClick)都会有自己的cookies,可与其他访问用户作出(收费!)相关联。

这些都是常见的,我认为,但有必须是不同寻常的人的手。举例来说,这样的:


  1. 在用户的时钟时间。 使用JavaScript 来发送。

...这是我从来没有在这里读书之前听说过。

后来添加(阅读后):

请尽量把只有一个项目每答案,那么我们就可以用投票最多理清更好/更有趣的。下面的列表可能是事倍功半。

不错啊......下一次我问一个问题,这样我就设置好了。

和这里有一些我得到了最好的答案:


  1. James指出,IE浏览器发送的.NET framework版本。

  2. AviewAnew指出,人们可以找到你访问过哪些网站。

  3. Mecki指出屏幕分辨率可被确定。

  4. Mecki 的指出,任何自动填写您的浏览器缓存了可确定的信息,通过创建一个隐藏字段,然后用JavaScript阅读它。

  5. jjrv指出,Flash可以列出用户的机器上的字体。

  6. Kent指出,你可以找到哪些网站的人已参观

  7. Silver龙指出您可以确定使用Flash和AJAX的浏览窗口中单击鼠标的位置。

  8. Jim指出,你可以告诉什么语言用户
    解决方案

    修改你原来的:


    1. 可以逃脱(我认为它在某些浏览器选项)

    2. 只有一个代理可以避免的(JavaScript可以然而,随着智能环视违反本)

    3. 是靠不住的,很容易伪造。

    4. 并假设它不是由浏览器关闭(会话cookie)和Cookie抹在同一个域/路径

    真正讨厌的是


    1. 使用JavaScript来探测你的网络/ LAN

    2. 使用JavaScript来从防火墙后面访问你的防火墙并调整其设置(不是开玩笑)

    3. 使用访问过的链接的功能来确定哪些URL列表中已被访问过。 (深厚的历史探究!)

    4. 有谁知道,如果用户的是Windows / IE / ActiveX技术

    If the owner of a web site wants to track who their users are as much as possible, what things can they capture (and how). You might want to know about this in order to capture information on a site you create or, as a user, to prevent a site from capturing data on you.

    Here is a starting list, but I'm sure I have missed some important ones:

    1. Referrer (what web page had the link you followed to get here). This is a HTTP header.
    2. IP Address of the machine you are browsing from. This is available with the HTTP headers.
    3. User Agent (what browser you are using). This is a HTTP header.
    4. Cookie placed on a previous visit. This is a header, available only if a cookie was placed earlier and was not deleted by the user.
    5. Flash Cookie placed on a previous visit. Some users turn off cookies, but very few know how to turn off Flash cookies. Works like a normal cookie although it depends on Flash.
    6. Web Bugs. Place something small (like a transparent single-pixel GIF) on the page that's served up from a 3rd party. Some third parties (such as DoubleClick) will have their own cookies and can correlate with other visits the user makes (for a fee!).

    Those are the common ones I think of, but there have to be LOTS of unusual ones. For instance, this:

    1. Time on the user's clock. Use JavaScript to transmit it.

    ... which I had never heard of before reading it here.

    ADDED LATER (after reading this):

    Please try to put just ONE item per answer, then we can use voting up to sort out the better/more-interesting ones. The list below is probably less effective.

    Ah well... NEXT time I ask a question like this I'll set it up better.

    And here are some of the best answers I got:

    1. James points out that IE transmits the .NET framework version.
    2. AviewAnew points out that one can find what sites you have visited.
    3. Mecki points out that Screen Resolution can be determined.
    4. Mecki also points out that any auto-fill information your browser has cached can be determined, by creating a hidden field, then reading it with JavaScript.
    5. jjrv points out that Flash can list the fonts on the user's machine.
    6. Kent points out that you can find out what websites a person has visited.
    7. Silver Dragon points out you can determine the location of the mouse within the browsing window using Flash and AJAX.
    8. Jim points out that you can tell what language the user

      解决方案

      Modifications to your original:

      1. can be escaped ( i think its an option in some browsers )
      2. only avoidable with a proxy ( javascript can contravene this however with smart lookaround )
      3. is unreliable, easily forged.
      4. And assuming it was not wiped by browser closure ( session cookie ) and cookie is in the same domain/path

      The real nasty ones are

      1. Using javascript to probe your network/lan
      2. Using javascript to access your firewall from behind the firewall and adjust its settings ( no joke )
      3. Using the feature of the "visited link" to determine which of a list of urls have been visited. ( deep history probing ! )
      4. Goodness knows what if the user has Windows/IE/ActiveX

      这篇关于什么识别信息网站捕捉?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
跨浏览器开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆