Jeff Prosise has an article posted this month in MSDN Magazine on “Foiling Session Hijacking Attempts”. I was talking about this issue with a friend last week, so this is very timely. If you want to protect against session cookie information being stolen from your ASP.NET website, give Jeff's solution a try.
