Hi, today I had a discussion with somebody about the possibility of ip-spoofing that affects the apache. In particular we were talking about a cgi-script he implemented. The script is sort of an online-voting-system. To avoid that someone clicks several times he uses the source-IP and each IP has only got one vote. IMHO it should be quite easy to bypass this sort of "security" because the script evaluates a http-request (vote coded in the URL). Can anyone give me a code-example that does exactly this?
tia /ch
