[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] defense against session hijacking

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] defense against session hijacking
From: David Maynor <dave@0dayspray.com>
Date: Mon, 17 Nov 2003 17:51:40 -0500

On Mon, Nov 17, 2003 at 05:44:24PM -0500, Damian Gerow wrote:
> Thus spake David Maynor (dave@0dayspray.com) [17/11/03 17:30]:
> > This would break things like NATed machines and such.
> 
> Could you explain how, please?
> 
> If machine A gets NATed to firewall B, and webserver C gets the session...
> It's going to record the address of firewall B, not machine A.  I fail to
> see how using the connection source's IP address would break NAT.*  And I
> don't know what you mean by 'and such'.
> 
You assume a straight 1 to 1 natting, that is not always the case.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] defense against session hijacking
  - From: "Thomas M. Duffey" <tduffey@homeboyz.com>
- Re: [Full-Disclosure] defense against session hijacking
  - From: David Maynor <dave@0dayspray.com>
- Re: [Full-Disclosure] defense against session hijacking
  - From: Damian Gerow <damian@sentex.net>

Prev by Date: Re: [Full-Disclosure] defense against session hijacking
Next by Date: Re: [Full-Disclosure] defense against session hijacking
Previous by thread: Re: [Full-Disclosure] defense against session hijacking
Next by thread: [Full-Disclosure] window hiding
Index(es):
- Date
- Thread