>Fritz , are you sure of this step "if you want to use it you must
>establish an account there" ?
Network queries require authentication. What's that about?
For business and security reasons, Karmasphere prohibits anonymous
queries. Consequently, all network queries are authenticated either
with IP address or username/password credentials.
Which credentials can be used with which query protocols?
IP address authentication: DNS, BQuery, XML/RPC
Username/password authentication: BQuery, XML/RPC
IP address authentication works with every query protocol. In some
cases, where you don't know the IP address of the source of a
reputation query, it may be preferable to use username/password
What's IP authentication?
That's when we guess who you are based on the IP address sending the
query. You tell us which IP addresses you query from, and we figure
that any queries from those IP addresses come from you.
IP authentication is the only form of authentication available for DNS
queries. It is also supported for BQueries and XML/RPC queries.
What's username/password authentication?
That's when you encode your assigned username and password into the
BQuery packet itself, in the "auth" field.
When a BQuery shows up with the "auth" field, we don't bother looking
at the IP address.
Some client libraries and plugins use slightly different terminology.
Where they say "Principal", read "username". Where they say
"Credentials", read "password".
Where do I find my credentials?
At the page called [ http://my.karmasphere.com/app/account/auth ]My
IPs and Credentials.
The password is different from the password you use to sign in. It is
a randomly generated string. When you query the system, and use
username/password authentication, you want to use this string, not the
password for signing in.
Why do you require authentication?
In a DDOS scenario, we would be unable to distinguish legitimate
queries from an attack. Also, certain data sources restrict access to
licensed users; authentication allows us to implement access control