One of our customers requested access to one of our sites using IP authentication so they wouldn't need to log in. They decided they didn't want to give us a list of their IPs for security reasons, so I looked them up in our logs and verified with a nslookup. Now they are complaining that I obtained a list of their IPs! Seriously people, you can't request to have IP restricted access and expect us to not know your IPs. In addition, it is FAR more important that we log our connections to the server for security than it is for them not to give out the IPs. This is just mind boggling.