There are no translations available

 
Home arrow Forums
wimsedu le forum
Welcome, Guest
Please Login or Register.    Lost Password?
Re:Faille de sécurité (1 viewing) (1) Guest
Go to bottom Post Reply Favoured: 0
TOPIC: Re:Faille de sécurité
#1968
Rémi Lapeyre (User)
Fresh Boarder
Posts: 4
graphgraph
User Offline Click here to see the profile of this user
13 Years, 11 Months ago Karma: 0  
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
#1969
schaersvoorde (User)
Junior Boarder
Posts: 31
graphgraph
User Offline Click here to see the profile of this user
13 Years, 11 Months ago Karma: 0  
You are right, it's fairly easy to "hack" into a user_session,once you've copied the session_number.
(pen and paper...)

Using the IP adress for extra security won't help , if all users share the same ip-adres from the localnetwork [eg using a router to internet].

On our school we've had a single "serious incident" of a pupil logging into a supervisor/teacher session [she left the computer room for a few minutes, not logging off...]
All 'exams & sheets' were altered, passwords changed etc etc.

This has proven a very good lesson to all other users/teachers: they now close the session when leaving the computer

kind regards,
Joke Evers
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
#1970
Rémi Lapeyre (User)
Fresh Boarder
Posts: 4
graphgraph
User Offline Click here to see the profile of this user
13 Years, 11 Months ago Karma: 0  
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
#1971
Rémi Lapeyre (User)
Fresh Boarder
Posts: 4
graphgraph
User Offline Click here to see the profile of this user
13 Years, 11 Months ago Karma: 0  
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
#1972
schaersvoorde (User)
Junior Boarder
Posts: 31
graphgraph
User Offline Click here to see the profile of this user
13 Years, 11 Months ago Karma: 0  
There is also the possibility to set very "sharp" timings on idle user_sessions.
e.g. kill the idle session after -let's say- 5 minutes. Leaving the "hacker" not much time to intrude and destroy
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
#1974
bernadette (Admin)
Admin
Posts: 638
graph
User Online Now Click here to see the profile of this user
13 Years, 11 Months ago Karma: 23  
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
#1975
Rémi Lapeyre (User)
Fresh Boarder
Posts: 4
graphgraph
User Offline Click here to see the profile of this user
13 Years, 11 Months ago Karma: 0  
 
Report to moderator   Logged Logged  
  The administrator has disabled public write access.
Go to top Post Reply
Powered by FireBoardget the latest posts directly to your desktop
© 2024 WimsEdu
Joomla! est un logiciel libre distribué sous licence GNU/GPL.