Full Disclosure mailing list archives
Re: defense against session hijacking
From: David Maynor <dave () 0dayspray com>
Date: Mon, 17 Nov 2003 17:51:40 -0500
On Mon, Nov 17, 2003 at 05:44:24PM -0500, Damian Gerow wrote:
Thus spake David Maynor (dave () 0dayspray com) [17/11/03 17:30]:This would break things like NATed machines and such.Could you explain how, please? If machine A gets NATed to firewall B, and webserver C gets the session... It's going to record the address of firewall B, not machine A. I fail to see how using the connection source's IP address would break NAT.* And I don't know what you mean by 'and such'.
You assume a straight 1 to 1 natting, that is not always the case. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- defense against session hijacking Thomas M. Duffey (Nov 17)
- Re: defense against session hijacking Gary E. Miller (Nov 17)
- Re: defense against session hijacking Ron DuFresne (Nov 19)
- Re: defense against session hijacking David Maynor (Nov 17)
- Re: defense against session hijacking Damian Gerow (Nov 17)
- Re: defense against session hijacking Frank Knobbe (Nov 17)
- Re: defense against session hijacking Damian Gerow (Nov 17)
- Re: defense against session hijacking David Maynor (Nov 17)
- Re: defense against session hijacking Damian Gerow (Nov 17)
- window hiding sir kaber (Nov 17)
- Re: defense against session hijacking |reduced|minus|none| (Nov 17)
- Re: defense against session hijacking Gary E. Miller (Nov 17)
- Re: defense against session hijacking Scott Taylor (Nov 17)
- Re: defense against session hijacking Bill Pennington (Nov 17)
- Re: defense against session hijacking Jason Ziemba (Nov 18)
- Re: defense against session hijacking Tim (Nov 18)
- Re: defense against session hijacking Jakob Lell (Nov 19)
- Message not available
- Re: defense against session hijacking flatline (Nov 19)