hmmm... for those of us really in the know...

spoofing doesn't let an invalid user get access to sensitive data on your

if someone is spoofing a valid ip address, the return packets will travel to
the spoofed ip address, not to the 'real' ip address of the spoofer. so,
even though they have a 'valid' ip address, they still can't see anything.


on 9/6/01 1:31 AM, Tom Carter at [EMAIL PROTECTED] wrote:

> Just to bring that point up again.... for those in the know, IP addresses
> are easy to spoof, in other words make it appear that it comes from
> elsewhere. If your system contains sensitive or confidential data then I
> would suggest you do both - username/password and IP

-- mike cullerton

PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to