Introduction

Session hijacking is a type of cyber attack in which an attacker takes over a user's active session with a web application or online service. This allows the attacker to impersonate the user and access their personal data, perform transactions, or manipulate their account. To prevent such attacks, several measures are in place, among them the use of HTTPS, session expiration, and XSS prevention with CSP policies. In addition, a session hijacking middleware is in place that checks for unusual session activity.

Anomaly detection

Within the same session, a change to any of the following parameters will trigger the session hijacking middleware, and the user will be presented with a generic error message.

| Parameter | Description | Resolved |
|---|---|---|
| Public IP | If the public IP changes, the session hijacking middleware will be triggered. | The public IP will be determined in the same way as documented here. |
| Host | If the host changes, the session hijacking middleware will be triggered. | The public IP will be determined by the HTTP request. |
| User Agent | If the user agent changes, the session hijacking middleware will be triggered. | The public IP will be determined by the HTTP request. |
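
The check described above, written out as an added Python example (it is not the application's own middleware). The class and function names, the in-memory store and the error wording are assumptions, and the public IP is taken as already resolved before the check runs.

```python
import logging
from dataclasses import dataclass, fields

log = logging.getLogger("session_binding")
GENERIC_ERROR = (400, "Something went wrong. Please sign in again.")  # assumed wording


@dataclass(frozen=True)
class Binding:
    public_ip: str
    host: str
    user_agent: str


class SessionBindingCheck:
    """Remembers the three values from a session's first request and flags changes."""

    def __init__(self):
        self._bound = {}  # session id -> Binding; in-memory store is an assumption

    def changed(self, session_id, public_ip, host, user_agent):
        """Return the names of the parameters that differ from the bound values."""
        # Host names are case-insensitive, so compare them lowercased.
        seen = Binding(public_ip.strip(), host.strip().lower(), user_agent)
        bound = self._bound.setdefault(session_id, seen)
        return [f.name for f in fields(Binding)
                if getattr(bound, f.name) != getattr(seen, f.name)]

    def handle(self, session_id, public_ip, host, user_agent):
        """Return (status, body); the body never says which parameter changed."""
        diff = self.changed(session_id, public_ip, host, user_agent)
        if diff:
            # The detail goes to the server log only, not to the client.
            log.warning("session %s: changed %s", session_id[:8], ",".join(diff))
            return GENERIC_ERROR
        return (200, "OK")


# Constructed sample requests (documentation IP ranges, made-up session id).
SID = "3f9c2a7e5b1d4c60"
UA = "Mozilla/5.0 (X11; Linux x86_64) Firefox/125.0"
check = SessionBindingCheck()
first = check.handle(SID, "203.0.113.10", "app.example.com", UA)
same = check.handle(SID, "203.0.113.10", "APP.example.com", UA)
moved = check.handle(SID, "198.51.100.7", "app.example.com", UA)
```

Legitimate users whose public IP changes mid-session (mobile networks, VPN reconnects) will also hit the generic error, so the server-side log entry is what lets support tell the two cases apart.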