Not to get into a flame war (besides, that's a cute photo of you and your dog), but IMHO you're completely wrong. Using IPs for session information is only "guaranteed" to fuck you.

First point: proxy servers. Many people can share what appears to your script to be the same IP. What if I administer 1,000 machines, all loaded with the same configuration, routed out one proxy server? And what if two of them visit your site? Your session information is toast, and you won't even know it.

If a browser doesn't support cookies, or rejects them outright, you know right away. Writing cookie-detection scripts in Perl and/or JavaScript is not difficult. You can program your script to respond to that event by using a different scheme or rejecting the request. No such logic is possible with IPs.

And using IPs as supplemental information with other environmental variables won't help either: if you have an unknown quantity and add it to a known, your result is still unknown, and you have no reason to believe otherwise.

Granted, no scheme is totally uncrackable. But I think IPs are less secure than most.
--
man with no legs, inc.


In reply to RE: Faking an ip? by legLess
in thread Faking an ip? by EvanK
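
The proxy collision and the cookie check described in the post above, as an added example that is not part of the original thread. The users, addresses and cart contents are constructed, and the token helper assumes a Unix-like `/dev/urandom`.

```perl
#!/usr/bin/perl
# Added example (not from the thread): sessions keyed by client IP versus
# sessions keyed by a random token carried in a cookie. All data is constructed.
use strict;
use warnings;

# Constructed requests: alice and bob sit behind one proxy, so the script
# sees the same REMOTE_ADDR for both. carol's browser rejects cookies.
my @requests = (
    { user => 'alice', ip => '192.0.2.10', cookies => 1, cart => 'book'   },
    { user => 'bob',   ip => '192.0.2.10', cookies => 1, cart => 'laptop' },
    { user => 'carol', ip => '192.0.2.77', cookies => 0, cart => 'pen'    },
);

# 128-bit token from the OS random source (assumption: /dev/urandom exists).
sub new_token {
    open my $fh, '<:raw', '/dev/urandom' or die "no /dev/urandom: $!";
    read($fh, my $bytes, 16) == 16 or die "short read from /dev/urandom";
    close $fh;
    return unpack 'H*', $bytes;
}

# Scheme 1: the IP is the session key. The second visitor from the proxy
# silently replaces the first, and nothing in the request reveals it.
my %by_ip;
for my $r (@requests) {
    my $prev = $by_ip{ $r->{ip} };
    print "IP scheme: $r->{user} overwrote the session of $prev->{user} ($r->{ip})\n"
        if $prev;
    $by_ip{ $r->{ip} } = { user => $r->{user}, cart => $r->{cart} };
}

# Scheme 2: a random token in a cookie is the session key. A browser that
# does not return the cookie is detected at once and handled explicitly.
my %by_token;
for my $r (@requests) {
    unless ($r->{cookies}) {
        print "Cookie scheme: $r->{user} returned no cookie; use a fallback or reject\n";
        next;
    }
    $by_token{ new_token() } = { user => $r->{user}, cart => $r->{cart} };
}

printf "IP scheme holds %d session(s) for %d visitors\n",
    scalar(keys %by_ip), scalar(@requests);
printf "Cookie scheme holds %d session(s), none shared\n", scalar(keys %by_token);
```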
