Re^2: Net::IP convert ip to int
by cavac (Chaplain) on Jun 24, 2012 at 19:11 UTC
As another monk told you, assuming the user always gets an IP from the same block is a dangerous road. It won't work for most DSL links and certainly not for mobile devices like tablets.
Even assuming the user stays in the same building (for example a company), when unplugging or plugging an ethernet cable, many devices automatically switch from WLAN to LAN or vice versa. And, on a reasonably big network, these might be in different IP ranges.
Also, you can not assume that it's "safe" if the IP changed but stayed in the same IP range. Many script kiddies are just that: Young people, often living or working in a small or large group together. You know, pupils, students, apprentice PerlMonks, and so on. And often enough, they are very... enthusiastic... about their skills while still learning the more intricate details of right and wrong... ;-)
On the other hand, multiple users may share a single IP address because they are behind a NAT or using an SSH connection or other tunnel to the same server. Or, for HTTP, they might use the same proxy.
Your method also ultimately will fail rather sooner than later from a simple, mathematical standpoint: We are running out of IPv4 addresses and more and more networks start to enable IPv6. For this, you need another set of calculations.
Finally, you can not even rely on an unchanged IP. With access to the user's local network, it's usually not that hard to knock his/her computer off the net and re-use the IP for one's own purposes for a short time. That's why cryptography was invented. You know, SSL and stuff.
(Not that anything I just said really matters for the "wrong" kind of users. I know a number of people who run a pirated, unpatched version of XP. Without AntiVirus of course. But with IE6 that came pre-installed. Only two of them have learned their lesson in the last year, both got their online banking access hijacked.)
"You have reached the Monastery. All our helpdesk monks are busy at the moment. Please press "1" to instantly donate 10 currency units for a good cause or press "2" to hang up. Or you can dial "12" to get connected directly to second level support."
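
The failure modes listed in the post above, run against a same-block session check. This is an added example, not code from the thread (and in Python rather than Perl); the /24 and /64 prefix lengths, the function names and all addresses are constructed assumptions.

```python
import ipaddress

def ip_to_int(addr):
    """Return (version, integer) for an IPv4 or IPv6 address string."""
    ip = ipaddress.ip_address(addr)
    return ip.version, int(ip)

def same_block(old, new, v4_prefix=24, v6_prefix=64):
    """The range check under discussion: do both addresses share a prefix?
    Prefix lengths are assumptions; IPv6 needs 128-bit arithmetic."""
    (v_old, i_old), (v_new, i_new) = ip_to_int(old), ip_to_int(new)
    if v_old != v_new:
        return False  # address family changed; no common block to compare
    bits, prefix = (32, v4_prefix) if v_old == 4 else (128, v6_prefix)
    shift = bits - prefix
    return (i_old >> shift) == (i_new >> shift)

# Constructed cases (documentation/private address ranges):
# (description, session IP, request IP, is it really the same user?)
CASES = [
    ("laptop moves from WLAN to LAN", "10.20.1.15", "10.30.4.77", True),
    ("mobile user gets a new carrier IP", "198.51.100.9", "203.0.113.40", True),
    ("different person in the same /24", "192.0.2.10", "192.0.2.11", False),
    ("two users behind one NAT or proxy", "192.0.2.1", "192.0.2.1", False),
    ("dual-stack client switches to IPv6", "192.0.2.10", "2001:db8::10", True),
]

def evaluate(cases=CASES):
    """Classify each case as ok, false_reject or false_accept."""
    results = {}
    for name, old, new, same_user in cases:
        accepted = same_block(old, new)
        if accepted == same_user:
            results[name] = "ok"
        else:
            results[name] = "false_accept" if accepted else "false_reject"
    return results

if __name__ == "__main__":
    for name, verdict in evaluate().items():
        print(f"{verdict:13} {name}")
```

Every constructed case comes out wrong in one direction or the other, which is why the session has to be bound to a secret carried over TLS rather than to the client address.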