WebApp Sec: Re: improvements in session management?

<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: improvements in session management?

From: Michael Ströder <michael () stroeder com>
Date: Thu, 01 Apr 2004 13:30:46 +0200

WebAppSecurity [Technicalinfo.net] wrote:

1.  Only allow any user to have a single active connection to the web
application. (simultaneous logins result in slosure of all sessions).


Great opportunity for DoS attacks. ;-)

Ciao, Michael.

By Date By Thread

Current thread:

Re: improvements in session management? dd (Mar 31)
- Re: improvements in session management? Michael Ströder (Apr 01)
  - Re: improvements in session management? dd (Apr 01)
- RE: improvements in session management? WebAppSecurity [Technicalinfo.net] (Apr 01)
  - Re: improvements in session management? Michael Ströder (Apr 01)
    - Re: improvements in session management? Michael Ströder (Apr 01)
    - Re: improvements in session management? dd (Apr 01)
    - RE: improvements in session management? WebAppSecurity [Technicalinfo.net] (Apr 01)
- <Possible follow-ups>
- Re: improvements in session management? Michael Ströder (Mar 31)
- Re: improvements in session management? Tim Akinbo (Apr 01)

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]