session replay

Session IDs facilitate user tracking for a Web site and can provide automatic authentication for future visits to that site or associated sites. The session ID can be stored as a cookie, form field or URL. Once the intruder obtains session ID data (see session prediction), he can conduct either a session replay or session hijacking attack.

A session hijacking intrusion is easily detected because it occurs while a session is in process. Because a session replay attack does not occur in real time, however, such an attack may only be discovered when the user learns he has been the victim of identity theft or some other form of fraud.

Software countermeasures capable of minimizing the threat of session replay are similar to those used for application security. Examples include:

• conventional firewalls
• application firewalls
• encryption/decryptionl programs
• anti-virus programs
• pop-up blockers
• spyware detection/removal programs.

Behavioral countermeasures include:

• frequent deletion of stored cookies and temporary files from Web browsers
• making sure that browsers do not remember passwords
• setting browsers to purge all personal data every time they are closed (if they offer this feature)
• installing updates and patches promptly when they become available
• refraining to click on links in e-mail messages from questionable sources
• avoiding questionable Web sites.

Read more about session replay: - David Endler discusses session IDs and explains how they can be exploited. - Jan Wolter offers a guide to Web authentication alternatives.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Password Management and Policy,   Identity Management Technology and Strategy,   Enterprise Identity and Access Management,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Making the case for enterprise IAM centralized access control Central access to multiple applications and systems can raise the level of security while getting rid of red tape, so how do you go about creating... How to prevent brute force webmail attacks Expert Sherri Davidoff explains why brute-force attacks on webmail accounts are such a popular hacking technique. Best practices for a privileged access policy to secure user accounts Enterprises need to secure accounts belonging to actual users by reviewing and monitoring their privileged access.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary graphical password  (SearchSecurity.com) identity chaos  (SearchSecurity.com)