WebApp Sec mailing list archives
Re: improvements in session management?
From: Michael Ströder <michael () stroeder com>
Date: Thu, 01 Apr 2004 13:30:46 +0200
WebAppSecurity [Technicalinfo.net] wrote:
1. Only allow any user to have a single active connection to the webapplication. (simultaneous logins result in slosure of all sessions).
Great opportunity for DoS attacks. ;-) Ciao, Michael.
Current thread:
- Re: improvements in session management? dd (Mar 31)
- Re: improvements in session management? Michael Ströder (Apr 01)
- Re: improvements in session management? dd (Apr 01)
- RE: improvements in session management? WebAppSecurity [Technicalinfo.net] (Apr 01)
- Re: improvements in session management? Michael Ströder (Apr 01)
- Re: improvements in session management? Michael Ströder (Apr 01)
- Re: improvements in session management? dd (Apr 01)
- RE: improvements in session management? WebAppSecurity [Technicalinfo.net] (Apr 01)
- Re: improvements in session management? Michael Ströder (Apr 01)
- Re: improvements in session management? Michael Ströder (Apr 01)
- <Possible follow-ups>
- Re: improvements in session management? Michael Ströder (Mar 31)
- Re: improvements in session management? Tim Akinbo (Apr 01)