... but the statement I was responding to was "Every time you hit a web
site, your IP address is recorded in their *logs*." (emphasis added).
but unless the site uses scripting of some kind (including cookies) to
record the data for their own use, it is *not* recorded in their web
site logs by default.
Let's have a look at the logs from my website. They are huge !
I once wrote a document called "NNTP for Virgins" which was about
getting the NNTP server up and running in TNOS and JNOS.
Here are two little extracts from the logs where someone has gone to
a search engine looking for something else:
a065163.dialin.hansenet.de - - [07/Nov/2003:02:42:15 +0000]
"GET /amrad/nntp4v.htm HTTP/1.1" 200 27547 "
http://search.msn.de/
results.aspx?ps=ba%3d(0..15)0........%26co%3d(0..15)6.3.200.2.5.10.1.3.
%26pn%3d1%26rd%3d0%26&q =little+virgins+bbs&ck_sc=1&ck_af=1"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
So hostname a065163.dialin.hansenet.de went to the search engine
search.msn.de looking for the "little virgins bbs"
cache-loh-ac05.proxy.aol.com - - [23/Oct/2003:19:43:06 +0100] "GET
/amrad/nntp4v.htm HTTP/1.0" 200 27547 "
http://aolsearch.aol.co.uk/web?
query=what+i+want+is+virgins&location=uk&isinit=true&submit.x=33&
submit.y=14""Mozilla/4.0 (compatible; MSIE 6.0; AOL 8.0; Windows 98)"
The AOL user who was making use of cache-loh-ac05.proxy.aol.com
on 23rd Oct at 19:43:06 went to aolsearch.aol.co.uk using as the search
term "what i want is virgins"
If the IP address does not resolve to a hostname, then the dotted quad
address is substituted instead !
209.17.161.144 - - [06/Nov/2003:22:01:09 +0000] "GET /linux/msfclock/
HTTP/1.1" 200 3530 "
http://www.rat.org.uk/amrad/menu.htm" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1)"
The above user was looking at a page about an MSF decoder for Linux
having linked there from a menu page.