ip spoofing (httpd)
today I had a discussion with somebody about the possibility of
ip-spoofing that affects the apache. In particular we were talking about
a cgi-script he implemented. The script is sort of an
online-voting-system. To avoid that someone clicks several
times he uses the source-IP and each IP has only got one vote.
IMHO it should be quite easy to bypass this sort of "security" because
the script evaluates a http-request (vote coded in the URL).
Can anyone give me a code-example that does exactly this?