Question re session hijacking in dual stack environments w/MacOS

• Previous message (by thread): Malware? Spammer?
• Next message (by thread): Question re session hijacking in dual stack environments w/MacOS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hey all, as we've slowly deployed IPv6 to our end users, it has begun to
cause some issues for those on Mac's specifically.  Apple apparently has
an algorithm at some point in the network stack to decide whether IPv4
or IPv6 is, perhaps, 'better' or 'faster' at any given point in time
during an ongoing session.  This allows a computer talking to a dual
stack remote website to flip flop between v4 and v6 as activity is
conducted.

Websites that require some type of authentication that is handled via
session cookies have been booting our users out randomly with "your ip
address has changed" type message.  This occurs when their Mac decides
to switch between protocols because the site views it as a session
hijacking attempt when Joe User with session ID xyz switches from
192.0.2.10 to 2001:db8::1:1:a or vice versa.

Has anyone run into this?  Our users on other platforms don't seem to
have this issue; linux and MS desktops seem to just use v6 if it's
available and v4 if not.

Thanks,

David

• Previous message (by thread): Malware? Spammer?
• Next message (by thread): Question re session hijacking in dual stack environments w/MacOS
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]