At 04:38 PM 10/11/2001 -0400, Geoff Talvola wrote: >I could write a program that keeps on trying random session IDs with the >date/time part of the session ID set to a couple of minutes ago, so the >session is likely to still be around. It might take hundreds of thousands >of tries but it would eventually find a valid session ID, especially on a >site that gets a lot of traffic and therefore has a lot of new sessions >getting created all the time.
Then would it be correct for me to say that the response is to increase the number of tries to something ridiculously high until it become prohibitive to use that approach? -Chuck _______________________________________________ Webware-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/webware-devel
