Question re session hijacking in dual stack environments w/MacOS

Laszlo Hanyecz laszlo at heliacal.net
Sat Sep 26 15:39:03 UTC 2015


On 2015-09-26 14:34, David Hubbard wrote:
> Websites that require some type of authentication that is handled via
> session cookies have been booting our users out randomly with "your ip
> address has changed" type message.  This occurs when their Mac decides
> to switch between protocols because the site views it as a session
> hijacking attempt when Joe User with session ID xyz switches from
> 192.0.2.10 to 2001:db8::1:1:a or vice versa.
This sounds like a really poor practice on the part of the website 
operators.  Users on wireless devices may be switching networks 
throughout the same session (wifi/LTE), or there could be a cluster of 
proxies, or short DHCP leases, or tor circuit changes, or privacy 
extensions, etc.  This is almost as bad as using GeoIP databases to 
authenticate.

-Laszlo
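As an added illustration (not part of the thread or either poster's words): the "your IP address has changed" check the thread complains about, beside an alternative that keeps the session tied to the cookie and only logs an address change as a signal. The alternative design, the `Session` record, and the constructed request sequence are assumptions for the example; the two addresses come from David's message.

```python
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Session:
    """Server-side session record keyed by the cookie's session ID."""
    sid: str
    user: str
    bound_addr: str                               # address seen at login
    events: list = field(default_factory=list)    # audit log of address changes


def validate_ip_bound(session: Session, client_addr: str) -> tuple[bool, str]:
    """The check described in the thread: any change of source address
    terminates the session, so a dual-stack client that flips between
    v4 and v6 is logged out as a suspected hijack."""
    if ipaddress.ip_address(client_addr) != ipaddress.ip_address(session.bound_addr):
        return False, "ip changed"
    return True, "ok"


def validate_logging_only(session: Session, client_addr: str) -> tuple[bool, str]:
    """Assumed alternative (not something the thread specifies): the session
    stays valid as long as the cookie itself is; an address change is recorded
    for monitoring, and a v4<->v6 switch is tagged as the dual-stack case."""
    new = ipaddress.ip_address(client_addr)
    old = ipaddress.ip_address(session.bound_addr)
    if new == old:
        return True, "ok"
    kind = "family-switch" if new.version != old.version else "same-family-change"
    session.events.append({"sid": session.sid, "from": str(old), "to": str(new), "kind": kind})
    session.bound_addr = str(new)                 # follow the client, keep the session
    return True, kind


# Constructed request sequence: Joe User's Mac alternates between protocols.
DUAL_STACK_CLIENT = ["192.0.2.10", "2001:db8::1:1:a", "2001:db8::1:1:a", "192.0.2.10"]


def replay(validator, addrs):
    """Run one session (ID xyz) through a validator; returns the verdict per
    request plus the final session record."""
    s = Session(sid="xyz", user="joe", bound_addr=addrs[0])
    return [validator(s, a)[1] for a in addrs], s


if __name__ == "__main__":
    print(replay(validate_ip_bound, DUAL_STACK_CLIENT)[0])
    verdicts, sess = replay(validate_logging_only, DUAL_STACK_CLIENT)
    print(verdicts, sess.events)
```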