[Owasp-delhi] Security threats.

Kumar, Bhupendra. Kumarb3 at iocl.co.in
Tue Dec 8 05:39:49 EST 2009


Hi All,

Can any one plz explain the threats present in a specific scenario as explained below:

User has logged-on in certain ERP application to carry out some transactions. ERP application has been configured for Automatic logoff after prolong idle time of 2 hrs. However desktop is set to get locked after idle time of 5 minutes.
After idle time of 5 minutes when desktop is locked, Can anyone from remote misuse/hacked the logged ERP application / session and carry out unauthorised activities.  If Yes, How ? and What are ways to protect from such a scenario.

Thanks all your support and coordination.

Warm Regards,


Bhupendra Kumar
 Tel.: +91-124-2349456


This Message was sent from Indian Oil Messaging Gateway, New Delhi, India. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20091208/c490cd57/attachment.html 


More information about the Owasp-delhi mailing list