[Gllug] IP address changes
Richard Jones
rich at annexia.org
Sun Nov 26 16:45:32 UTC 2006
On Sun, Nov 26, 2006 at 12:40:18PM +0000, Alain Williams wrote:
> I have a problem where is seems that IP addresses are changing
> rapidly, AOL users seem particularly badly affected.
>
> What is this about ?
> I implement some (php) session protection by noting the IP address
> that the requests are coming from. If this IP address changes I
> decide that someone is attempting to hijack the session. I have seen
> a spate of these, with most of them from addresses like 195.93.21.40
> becoming 195.93.21.138 (AOL). I have also seen 2 where the address
> block belongs to Energis.
>
> Does this mean that I can't use an IP address as a constant in a web
> session ?
Basically no, you cannot rely on the IP address being constant.
Session highjacking is very uncommon anyway, and if you're concerned
at all about security a better solution is to encrypt everything using
https.
For AOL's proxy details look at:
http://webmaster.info.aol.com/proxyinfo.html
Rich.
--
Richard Jones, CTO Merjis Ltd.
Merjis - web marketing and technology - http://merjis.com
Internet Marketing and AdWords courses - http://merjis.com/courses - NEW!
Merjis blog - http://blog.merjis.com - NEW!
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list