[Owasp-delhi] Session Related Issues

Parmendra Sharma s.parmendra at gmail.com
Mon Feb 16 00:02:53 EST 2009


Dear OWASP Members,

Please put some light on the following points:

-> While scanning a website using a tool to find out the possible
vulnerabilities...what happens if the Session Time is short for an
application. To overcome this problem should we increase the number of
threads used by the scanner for faster scanning......but it will also
increase the load on the server.

-> While using some Authentication testing tools such as Web Brute
(Webinspect), Brutus .....How does these tools works with an application
having a short Session timeout as cracking passwords took a lot of time
depending upon the strength of the password.

-- 
Thanks and Regards:

Parmendra Sharma
Indian Computer Emergency Response Team (CERT-In)
Ministry of Information Technology
Government of India
6 C.G.O Complex
Lodhi Road
New Delhi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090216/ad7dea67/attachment.html 


More information about the Owasp-delhi mailing list