WebApp Sec: Re: Tying a session to an IP address

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: Tying a session to an IP address

From: "Adam Tuliper" <amt () gecko-software com>
Date: Mon, 10 May 2004 12:00:05 -0400

One item to not forget is AOL's "super proxies" could
 create a problem on a scheme where you need to
reauthenticate (provided the world is able to use your
application) if the ip address changes. They have multiple
proxy servers (however, their proxy ip lists are published
so this can be worked around, but... its still a point to
note)


---------------------------------------------------------------------
Web mail provided by NuNet, Inc. The Premier National provider.
http://www.nni.com/

By Date By Thread

Current thread:

Re: Tying a session to an IP address, (continued)
- Re: Tying a session to an IP address Imre Kertesz (May 10)
- Re: Tying a session to an IP address [summary] Paul Johnston (May 12)
- RE: Tying a session to an IP address Mike Randall (May 10)
- RE: Tying a session to an IP address Imperva Application Defense Center (May 10)
  - Re: Tying a session to an IP address T.J. (May 10)
  - Re: Tying a session to an IP address Adam Tuliper (May 10)
    - RE: Tying a session to an IP address Steve McCullough (May 11)
- RE: Tying a session to an IP address Wolf, Yonah (May 10)
- RE: Tying a session to an IP address Scovetta, Michael V (May 10)
  - Re: Tying a session to an IP address exon (May 10)
  - Re: Tying a session to an IP address Mark Foster (May 10)