Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Filtering by client IP address for Web App Sessions

from [Amichai Shulman] Network Security [Permanent Link]
Subject: RE: Filtering by client IP address for Web App Sessions
Date: Thu, 24 Feb 2005 13:35:04 +0200 
We have been monitoring traffic to sites in Israel and some other
countries too. It is not uncommong anywhere to have clients swap IP
address during a single session. However it seems to us that 24 higher
bits of address appears to be constant.

Amichai Shulman
CTO




Imperva, Inc.
22 Hachilazon St.
Ramat Gan


(972)-3-6120133 x103 Office
(972)-3-7511133 Fax
(972)-50-6544451 Mobile
shulman@imperva.com
 
 
 
 
 
 
 
 
 
 
 


-----Original Message-----
From: Evans, Arian [mailto:Arian.Evans@fishnetsecurity.com] 
Sent: Wednesday, February 23, 2005 5:13 PM
To: webappsec@securityfocus.com
Subject: Filtering by client IP address for Web App Sessions


Question for those outside of the US of A:

In Europe, Asia, etc. do you have:

1. Any significant user population of your web applications comprised of
AOL (America online) users?

2. Are there many ISPs or large organizations using megaproxies that
swap client source IPs across entire classes of netblock (e.g. -like AOL
does)?

I've been telling people for years that you can't filter by source or
even last octet netblocks and lately have been wondering if I'm dense
and this is a US-centric bias of mine thanks to the ISP behaviors I've
had to deal with over the years.

Feedback appreciated,

Arian
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Solutions, Results, and Comments - Was [ISA Server and SQL Injection], Jeff Williams
Next by Date:  RE: state management by client IP address for Web App Sessions, Evans, Arian
Previous by Thread:  Re: Filtering by client IP address for Web App Sessions, Frank Knobbe
Next by Thread:  RE: Filtering by client IP address for Web App Sessions, Griffiths, Ian
Indexes:  [Date] [Thread] [Top] [All Lists]