Session Fixation (Man in the middle attack)

Session-based attacks on web applications rely on a session ID (the unique identifier for a visitor’s session) becoming known to a third party, who can then present that session ID to the web site and assume the visitor’s identity. This is also known as a “Man in the middle” attack. What does this mean for you and your company? An attacker using this technique inserts themselves into your communication process. The third party can passively read the contents of your information, taking what they want from it, or take a more active role by editing and falsifying information within your system.

These attacks have been around for a long time; they are nothing new. They are also not as common as phishing, ransomware or malware. However, they remain a useful tool for those looking to steal personal information such as passwords and credit information. You want your system to be as secure as possible, and you want to make sure those you work with know how to protect you from this sort of attack.

One technique that McKula employs is to change the session ID after a user has logged in to one of our applications. We use “Reflection” to parse through and collect a mirror copy of the original session’s values, destroy the original session, and create a new session. We then reapply all of the original session’s values to the new session, now under a new unique session ID, rendering the original session ID useless to any man in the middle who might have copied it.
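The regeneration step described above, as an added Python example that is not McKula’s code (the post says their version uses reflection inside their own framework): an in-memory session store whose `regenerate()` snapshots the session’s values, destroys the old session and reissues the values under a fresh ID, so an ID captured before login no longer resolves. The store, the `login()` helper and the sample cart data are constructed for illustration.

```python
from __future__ import annotations

import secrets
from typing import Any, Dict, Optional


class SessionStore:
    """Minimal in-memory session store (constructed for this example)."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Dict[str, Any]] = {}

    def create(self) -> str:
        # 32 random bytes, URL-safe: unpredictable like a framework-issued cookie
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {}
        return sid

    def get(self, sid: str) -> Optional[Dict[str, Any]]:
        return self._sessions.get(sid)

    def regenerate(self, old_sid: str) -> str:
        """Mirror the values, destroy the old session, reapply under a new ID."""
        snapshot = dict(self._sessions[old_sid])  # mirror copy of original values
        del self._sessions[old_sid]               # destroy the original session
        new_sid = self.create()                   # new unique session ID
        self._sessions[new_sid].update(snapshot)  # reapply the original values
        return new_sid


def login(store: SessionStore, sid: str, username: str) -> str:
    """Rotate the session ID at the privilege change, then mark it authenticated."""
    if store.get(sid) is None:
        raise KeyError("unknown session")
    new_sid = store.regenerate(sid)
    store.get(new_sid)["user"] = username
    return new_sid


def demo() -> Dict[str, Any]:
    """Show that a pre-login ID is dead after login while session state survives."""
    store = SessionStore()
    pre_login = store.create()
    store.get(pre_login)["cart"] = ["item-1"]  # constructed pre-login state
    captured_by_attacker = pre_login           # ID copied before authentication
    post_login = login(store, pre_login, "alice")
    return {
        "ids_differ": pre_login != post_login,
        "old_id_resolves": store.get(captured_by_attacker) is not None,
        "cart_preserved": store.get(post_login).get("cart") == ["item-1"],
        "user": store.get(post_login).get("user"),
    }
```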

For more tips on how McKula can help you protect your online properties please contact us today for a free consultation.
