What Are The Consequences Of Securing A Page Based On Ip Address Rather Than Using A Db-driven Login System?

Posted by Conversion Expert | Hacker Safe | Friday 10 July 2009 4:07 pm

For instance, if I have a page that only shows itself to certain ip addresses, I know that it will not be as safe as a db-driven login system, but, can a hacker abuse my system?

2 Comments »

  1. Comment by DogmaBit — July 10, 2009 @ 4:07 pm

    Many people connect with dynamic addresses. That means the address they use is different every time they connect. Also, the address they had last time will be recycled to someone else.
    If you give access to a specific IP, every person in the future who gets that IP will be allowed.

  2. Comment by anotherb — July 10, 2009 @ 4:07 pm

    An IP address is relatively easy to spoof. It is not normally an authenticated identity.

RSS feed for comments on this post. TrackBack URI

Leave a comment