Hosting Provided By

Re: How to protect against cookie stealing?

From: Chris Green <cmg(at)sourcefire.com>
Date: Fri Jul 25 2003 - 14:10:57 EDT

".:[ Death Star]:." <deathstar@optonline.net> writes:

> There is another solution, you can use both sessionID's and cookies, so

Has anyone going down this route of incorporating an IP address into the cookie gotten pushback from people on networks with multiple proxies or routing rules?

-- 
Chris Green 
Don't use a big word where a diminutive one will suffice.

Received on Sat Jul 26 09:30:36 2003

This message: [ Message body ]
Next message: Kevin Spett: "Problems with most web app auth schemes"
Previous message: Ulf Harnhammar: "[ANNOUNCE] kses 0.2.0"
In reply to .:[ Death Star]:.: "RE: How to protect against cookie stealing?"
Next in thread: Erik Kangas, PhD: "Re: How to protect against cookie stealing?"
Reply: Erik Kangas, PhD: "Re: How to protect against cookie stealing?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:54 EDT