[Owasp-appsensor-project] Change to Detection Points - SE5 Source IP Address Changes During Session

Colin Watson colin.watson at owasp.org
Fri Jun 11 04:35:13 EDT 2010


Noted.

Colin

On 11 June 2010 00:19, Michael Coates <michael.coates at owasp.org> wrote:
> I agree this should be broader. Its quite possible an IP address would
> change during normal use. I think its better to look at a scenario that
> shouldn't happen e.g. user's ip changes from US to Europe.  We just need to
> find that best way to describe that.
>
> Michael Coates
> OWASP
>
> On 6/9/10 7:24 PM, John Melton wrote:
>
> just need a bit more info here - is the intention to allow a user to switch
> IPs as long as it's in the same range and / or ASN and be considered ok?
>
> On Wed, Jun 9, 2010 at 10:35 AM, Colin Watson <colin.watson at owasp.org>
> wrote:
>>
>> Suggestion to CHANGE an existing detection point.  Has this already
>> been ruled out?  Should it be changed?
>>
>> Source
>> -----------------------------------
>> [Owasp-appsensor-project] AppSensor- a few ideas, Fri Sep 18 10:30:31 EDT
>> 2009
>>
>> https://lists.owasp.org/pipermail/owasp-appsensor-project/2009-September/000005.html
>>
>> Description
>> -----------------------------------
>> Rather than a single IP Address, make the sensor specification broader
>> to also allow ASN check instead.
>>
>> 1. Leave name unchanged (i.e. keep as "Source IP Address Changes
>> During Session")
>>
>> 2. Change description to "Valid requests, containing valid session
>> credentials, are received from multiple source IP addresses or source
>> IP address ranges or source Autonomous System Number (ASN)"
>>
>> Reference
>> http://www.apnic.net/services/services-apnic-provides/helpdesk/faqs/asn-faqs
>> _______________________________________________
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
>
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>


More information about the Owasp-appsensor-project mailing list