[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question re session hijacking in dual stack environments w/MacOS

Subject: Question re session hijacking in dual stack environments w/MacOS
From: michael at supermathie.net (Michael Brown)
Date: Sat, 26 Sep 2015 23:19:12 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

?> Those site eventually learnt after much feedback not to assume on IPv4 address continuity.

I could envision that those checks might now be relaxed? to checking for address continuity in the same /24 for instance.

But when you're seeing the same session being used from two wildly different places (in this case, IPv4 and IPv6) at the SAME TIME, that does seem rather suspicious in the absence of other information.

M.

References:
- Question re session hijacking in dual stack environments w/MacOS
  - From: brandon at rd.bbc.co.uk (Brandon Butterworth)

Prev by Date: Question re session hijacking in dual stack environments w/MacOS
Next by Date: Recent trouble with QUIC?
Previous by thread: Question re session hijacking in dual stack environments w/MacOS
Next by thread: Question re session hijacking in dual stack environments w/MacOS
Index(es):
- Date
- Thread