Question re session hijacking in dual stack environments w/MacOS

• Previous message (by thread): Question re session hijacking in dual stack environments w/MacOS
• Next message (by thread): Question re session hijacking in dual stack environments w/MacOS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

What about users on cgnat? I know isp's in the far east that only offer cgnat and it's pot lock how you go out.

------Original Message------
From: Michael Brown
Sender: NANOG
To: Brandon Butterworth
To: nanog at nanog.org
To: dhubbard at dino.hostasaurus.com
Subject: Re: Question re session hijacking in dual stack environments w/MacOS
Sent: Sep 26, 2015 23:19

‎> Those site eventually learnt after much feedback not to assume on IPv4 address continuity.

I could envision that those checks might now be relaxed‎ to checking for address continuity in the same /24 for instance.

But when you're seeing the same session being used from two wildly different places (in this case, IPv4 and IPv6) at the SAME TIME, that does seem rather suspicious in the absence of other information.

M.

Regards,

Dovid

• Previous message (by thread): Question re session hijacking in dual stack environments w/MacOS
• Next message (by thread): Question re session hijacking in dual stack environments w/MacOS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]