[Owasp-appsensor-project] idea – Session redirection (wishlist?)
Rcbarnett
rcbarnett at gmail.com
Tue Sep 21 07:15:05 EDT 2010
Don,
I actually just recommended the same thing -
https://lists.owasp.org/pipermail/owasp-appsensor-project/2010-September/000140.html
Sent from my iPhone
On Sep 21, 2010, at 12:35 AM, Don Thomas <don.thomas.cissp at gmail.com> wrote:
>
> Michael,
>
> I was impressed with your talk at the OWASP conference in Irvine. I talked to you after your presentation. I mentioned that I have an idea or concept that I would like to see added to the wish list for the AppSensor project. I don’t know if this idea is doable, but I thought that I would at least throw it out there and see. I am not a developer, but I have been working in IT and networking for almost 30 years and see a real need to be able to redirect an incoming session based on triggers. My first thought was that AppSensor might be the first tool that I have seen that might be able to identify a session, and possibly request the session to be redirected based on a trigger.
>
> I have had this idea floating in my head for a while. What I would like to see is a method to redirect an obvious bad user (an attacker) to another system, such as a honey pot or a system that can handle such an attack, while keeping the session totally transparent from the attacker.
>
> What I am thinking is once a set of events is triggered, the AppSensor can initiate or trigger a re-direction of a session to another web server. This could be as simple as having a load balancer accept a re-direction request (assuming that a load balancer could accept such a request), or something within the application can automatically redirect the session to another web server.
>
> The main purpose to redirect a session is to relieve the main web server(s) from the attack. The secondary benefit would be that there is a set of servers that are focused for this type of abuse and could gather more detailed logging for analysis.
>
> And an obvious third benefit would be that the additional detailed knowledge of the attack could also benefit the AppSensor researchers.
>
> Anyway, I don’t know how doable this idea of session redirection is, but I thought that I would at least share the idea that I had…
>
> I would be curious about what you thought and if this would even be possible?
>
> Anyway, thank you for listening…
>
> Best regards,
>
> Don Thomas