I would say that it's even more likely than you might
initially suspect. Some large organisations, such as AOL,
have been known to send all of their traffic through just
a handful of gateways. I've run into this problem a few
times.
Typically, as Masem suggests, I add in some sort of random
value, and as precise a time value as I care to conjure up,
just to even out the randomness a bit. Also, if the script
runs on several machines behind a load balancer, I'll use
an unique identifier of the machine (host id on Sun, for
example) to limit my collision space further. Be creative,
but be wary of this problem.
In addition, the less formulaic the data is that you encrypt,
the less likely someone will be able to hijack the session
by computing what another user's session identifier is.
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.
|