[184126] in North American Network Operators' Group
Re: Question re session hijacking in dual stack environments w/MacOS
daemon@ATHENA.MIT.EDU (Michael Brown)
Sat Sep 26 23:19:17 2015
X-Original-To: nanog@nanog.org
Date: Sat, 26 Sep 2015 23:19:12 -0400
From: Michael Brown <michael@supermathie.net>
In-Reply-To: <201509262335.AAA12179@sunf10.rd.bbc.co.uk>
To: Brandon Butterworth <brandon@rd.bbc.co.uk>, nanog@nanog.org,
dhubbard@dino.hostasaurus.com
Errors-To: nanog-bounces@nanog.org
> Those sites eventually learnt after much feedback not to assume on IPv4 address continuity.

I could envision that those checks might now be relaxed to checking for address continuity in the same /24 for instance.

But when you're seeing the same session being used from two wildly different places (in this case, IPv4 and IPv6) at the SAME TIME, that does seem rather suspicious in the absence of other information.
M.
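
Added example, not part of the original message: a sketch of the two checks discussed above, treating addresses in the same /24 as continuous and flagging a session that alternates between two unrelated networks within a short window. The /64 grouping for IPv6, the 60-second window, the verdict names and the sample events are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample events: (unix_time, session_id, client_ip)
EVENTS = [
    (1000, "s1", "192.0.2.10"),
    (1030, "s1", "192.0.2.77"),       # same /24 as before
    (1000, "s2", "198.51.100.5"),
    (1010, "s2", "2001:db8:1::20"),   # IPv6 appears...
    (1020, "s2", "198.51.100.5"),     # ...while IPv4 is still in use
    (1000, "s3", "203.0.113.9"),
    (5000, "s3", "2001:db8:2::1"),    # one move, long after the last IPv4 hit
]

WINDOW = 60  # seconds; assumed threshold for "at the same time"

def bucket(ip):
    """Map an address to its continuity bucket: /24 for IPv4, /64 (assumed) for IPv6."""
    addr = ipaddress.ip_address(ip)
    prefix = 24 if addr.version == 4 else 64
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def classify(events, window=WINDOW):
    """Return {session_id: 'continuous' | 'moved' | 'concurrent'}."""
    verdicts = {}
    last_seen = defaultdict(dict)  # session -> {bucket: last timestamp}
    previous = {}                  # session -> bucket of the most recent request
    for ts, sid, ip in sorted(events):
        net = bucket(ip)
        verdicts.setdefault(sid, "continuous")
        prev = previous.get(sid)
        if prev is not None and prev != net:
            earlier = last_seen[sid].get(net)
            if earlier is not None and ts - earlier <= window:
                # Returned to a bucket that was active moments ago while
                # another bucket was used in between: both are live at once.
                verdicts[sid] = "concurrent"
            elif verdicts[sid] == "continuous":
                verdicts[sid] = "moved"
        last_seen[sid][net] = ts
        previous[sid] = net
    return verdicts

if __name__ == "__main__":
    for sid, verdict in sorted(classify(EVENTS).items()):
        print(sid, verdict)
```

A "concurrent" verdict is a signal for review rather than proof of hijacking, since a dual-stack client that alternates between IPv4 and IPv6 produces the same pattern.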