Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: defense against session hijacking

From: David Maynor <dave () 0dayspray com>
Date: Mon, 17 Nov 2003 17:51:40 -0500
On Mon, Nov 17, 2003 at 05:44:24PM -0500, Damian Gerow wrote:

Thus spake David Maynor (dave () 0dayspray com) [17/11/03 17:30]:

This would break things like NATed machines and such.


Could you explain how, please?

If machine A gets NATed to firewall B, and webserver C gets the session...
It's going to record the address of firewall B, not machine A.  I fail to
see how using the connection source's IP address would break NAT.*  And I
don't know what you mean by 'and such'.


You assume a straight 1 to 1 natting, that is not always the case.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: