[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ip spoofing (httpd)


today I had a discussion with somebody about the possibility of
ip-spoofing that affects the apache. In particular we were talking about
a cgi-script he implemented. The script is sort of an
online-voting-system. To avoid that someone clicks several
times he uses the source-IP and each IP has only got one vote.
IMHO it should be quite easy to bypass this sort of "security" because
the script evaluates a http-request (vote coded in the URL).
Can anyone give me a code-example that does exactly this?



Reply to: