[Owasp-appsensor-project] Change to Detection Points - SE6 Change Of User Agent Mid Session

Colin Watson colin.watson at owasp.org
Fri Jun 11 04:44:35 EDT 2010


Noted.

Colin

On 11 June 2010 00:17, Michael Coates <michael.coates at owasp.org> wrote:
> I think I'd rather go with Colin's change suggestion. I don't really want 2
> or 3 detection points all trying to capture the same idea and only differing
> by the header value they are discussing.  We can help educate people here at
> the same time :)
>
> Michael Coates
> OWASP
>
> On 6/9/10 7:21 PM, John Melton wrote:
>
> I vote for splitting out into a new issue, since the name does denote the
> user agent changing, which most people associate w/ that one header, for
> better or worse.
>
> On Wed, Jun 9, 2010 at 10:35 AM, Colin Watson <colin.watson at owasp.org>
> wrote:
>>
>> Suggestion to CHANGE an existing detection point.  Has this already
>> been ruled out?  Should it be changed?
>>
>> Source
>> -----------------------------------
>> Just another idea
>>
>> Description
>> -----------------------------------
>> Other headers such as Accept-Encoding and Accept-Language can be used
>> to help detect a session being used by someone else.  It could relate
>> to public resources too (i.e. unauthenticated users).
>>
>> 1. Leave name unchanged (i.e. keep as "Change Of User Agent Mid Session")
>>
>> 2. Change first sentence of description to "The header User-Agent or
>> Accept-Encoding or Accept-Language change during an authenticated
>> session."
>>
>> 3. Remove the word "authenticated" from above sentence?
>>
>> *** Or split this idea out into a new sensor e.g. SE7? ***
>> _______________________________________________
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
>
>
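
A sketch of the combined detection point discussed in this thread, added here as an illustration and not taken from any of the messages or from the AppSensor code base: one SE6 check that watches User-Agent, Accept-Encoding and Accept-Language per session and reports which header changed. The class name, event fields and sample requests are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Headers named in the proposal; a change in any of them is reported under
# the single detection point SE6 rather than one detection point per header.
WATCHED = ("User-Agent", "Accept-Encoding", "Accept-Language")


@dataclass
class HeaderChangeDetector:
    """Hypothetical detector; not part of the AppSensor code base."""
    authenticated_only: bool = False  # False = option 3, cover anonymous sessions too
    _baseline: dict = field(default_factory=dict)

    def observe(self, session_id, headers, authenticated=False):
        """Return a list of SE6 events for this request (empty if none)."""
        if self.authenticated_only and not authenticated:
            return []
        # HTTP header names are case-insensitive; values are compared exactly.
        seen = {k.lower(): v.strip() for k, v in headers.items()}
        current = {h: seen.get(h.lower()) for h in WATCHED}
        # The first request seen for a session becomes its baseline.
        first = self._baseline.setdefault(session_id, current)
        return [{"detection_point": "SE6", "session": session_id,
                 "header": h, "was": first[h], "now": current[h]}
                for h in WATCHED if current[h] != first[h]]

    def end_session(self, session_id):
        """Drop the baseline at logout or expiry so a reused id starts clean."""
        self._baseline.pop(session_id, None)


# Constructed sample requests, all carrying the same session id.
REQUESTS = [
    {"User-Agent": "BrowserA/1.0", "Accept-Encoding": "gzip", "Accept-Language": "en-GB"},
    {"user-agent": "BrowserA/1.0", "accept-encoding": "gzip", "accept-language": "en-GB"},
    {"User-Agent": "BrowserA/1.0", "Accept-Encoding": "gzip", "Accept-Language": "fr-FR"},
    {"User-Agent": "ToolB/2.0", "Accept-Language": "fr-FR"},  # header dropped as well
]


def run_sample():
    detector = HeaderChangeDetector()
    return [[e["header"] for e in detector.observe("s1", r)] for r in REQUESTS]


if __name__ == "__main__":
    print(run_sample())
```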

