I was not clear, sorry. A good "semi-unique-id" must use IP, browser version and other data collected from the http headers. Of course the IP alone is not enough.
(except for marketing guys, who trully believe we can magically know exactly now many people are browsing the site..) On Wed, 14 Jun 2006 23:14:06 +0200 Michael Weinert <[EMAIL PROTECTED]> wrote: MW> Am Mittwoch, 14. Juni 2006 21:30 schrieb Cardoso: MW> MW> > A simple SQL query can delete all records from the same IP/machine, if MW> > the counter is above 2. MW> Ha, you think phisher are that smart? I for myself hit the button MW> only once with fake credentials from my dynamic IP. MW> If everybody does it... Well... MW> MW> Besides many networks are natted so you see the same IP very often. MW> MW> just my 2 cents. MW> MW> -- MW> MW> SysQuadrat Systeme mit Sicherheit MW> Michael Weinert Stuttgart Filderstadt-Plattenhardt MW> Tel.: 0711-9970288 Fax: 5360559 Mobil: 0170-4141273 MW> http://www.linux-firewall.de [EMAIL PROTECTED] MW> KeyServer hkp://pgp.mit.edu Allgemeinen Anschulterlaubnis Cardoso <[EMAIL PROTECTED]> - SkypeIn: (11) 3711-2466 / (41) 3941-5299 vida digital: http://www.contraditorium.com site pessoal e blog: http://www.carloscardoso.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/