Blocking IPs [...]:, and they're so easy to fake only the technically dull bad people will be affected.

Wow. It is easy for you to fake an IP and have the results sent back to you? You'll have to explain that before I believe you.

If you are using IP for security, then the only risk from faking IPs is that someone can send you data with a forged IP in hopes of getting you to act on it. Simply requiring a minimal dialogue that includes repeating hard-to-predict data is enough to make such extremely unlikely.

An attacker having control over a block of IP adresses is a separate issue.

- tye        


In reply to Re^3 : Another way to get around automated bots (fake IP) by tye
in thread Another way to get around automated bots by AssFace

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":