[Owasp-appsensor-project] Change to Detection Points - SE5 Source IP Address Changes During Session
colin.watson at owasp.org
Fri Jun 11 04:35:13 EDT 2010
On 11 June 2010 00:19, Michael Coates <michael.coates at owasp.org> wrote:
> I agree this should be broader. Its quite possible an IP address would
> change during normal use. I think its better to look at a scenario that
> shouldn't happen e.g. user's ip changes from US to Europe. We just need to
> find that best way to describe that.
> Michael Coates
> On 6/9/10 7:24 PM, John Melton wrote:
> just need a bit more info here - is the intention to allow a user to switch
> IPs as long as it's in the same range and / or ASN and be considered ok?
> On Wed, Jun 9, 2010 at 10:35 AM, Colin Watson <colin.watson at owasp.org>
>> Suggestion to CHANGE an existing detection point. Has this already
>> been ruled out? Should it be changed?
>> [Owasp-appsensor-project] AppSensor- a few ideas, Fri Sep 18 10:30:31 EDT
>> Rather than a single IP Address, make the sensor specification broader
>> to also allow ASN check instead.
>> 1. Leave name unchanged (i.e. keep as "Source IP Address Changes
>> During Session")
>> 2. Change description to "Valid requests, containing valid session
>> credentials, are received from multiple source IP addresses or source
>> IP address ranges or source Autonomous System Number (ASN)"
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
More information about the Owasp-appsensor-project