Home page logo

basics logo Security Basics mailing list archives

Session Hijacking
From: Frank Oz <jedi31337 () gmail com>
Date: Thu, 19 Jan 2006 21:00:55 -0500

Just a quick question as I'm preparing a Web Portal document and wanted to
include some security pieces. This customer wants to have a 2-6 hour or even
umlimited timeout set for their user when they disconnect, because
they don't want to re-login every time.

If a user closes his browser and the session stays active, what else can a
hacker achieve during this time ?

Thanks for the help in advance !

  By Date           By Thread  

Current thread:
  • Session Hijacking Frank Oz (Jan 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]