Home page logo
/

basics logo Security Basics mailing list archives

RE: Session Hijacking
From: "Chaminda Rajamanthri" <ChamindaR () zillione com>
Date: Mon, 23 Jan 2006 11:09:06 +0600

Its is possible for compromising your network via sniffing.


Best Regards,

Chaminda Rajamanthri          

Technical Specialist 

ZILLIONe Systems Solutions (Pvt) Ltd.

166/2, Havelock Road ,

Colombo - 05 Sri Lanka

Tel: +94 (011) 451 5350 - Ext: 186

Fax: +94 (011) 259 9670

Email: ChamindaR () zillione com

http://www.zillione.com

  


-----Original Message-----
From: Frank Oz [mailto:jedi31337 () gmail com] 
Sent: Thursday, January 19, 2006 6:01 PM
To: security-basics () securityfocus com
Subject: Session Hijacking

Just a quick question as I'm preparing a Web Portal document and wanted
to
include some security pieces. This customer wants to have a 2-6 hour or
even
umlimited timeout set for their user when they disconnect, because
they don't want to re-login every time.

If a user closes his browser and the session stays active, what else can
a
hacker achieve during this time ?

Thanks for the help in advance !

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Session Hijacking Frank Oz (Jan 22)
    • <Possible follow-ups>
    • RE: Session Hijacking Chaminda Rajamanthri (Jan 23)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault