Question re session hijacking in dual stack environments w/MacOS

Brandon Butterworth brandon at rd.bbc.co.uk
Sat Sep 26 23:35:05 UTC 2015


> From: David Hubbard <dhubbard at dino.hostasaurus.com>
> Websites that require some type of authentication that is handled via
> session cookies have been booting our users out randomly with "your ip
> address has changed" type message.  This occurs when their Mac decides
> to switch between protocols because the site views it as a session
> hijacking attempt when Joe User with session ID xyz switches from
> 192.0.2.10 to 2001:db8::1:1:a or vice versa.
> 
> Has anyone run into this?

It's 1997 again? This used to be a common IPv4 problem for us as users
exited through a cluster of squid caches which could result in a
different address per request. Those site eventually learnt after much
feedback not to assume on IPv4 address continuity.

brandon



More information about the NANOG mailing list