Session Hijacking
Session hijacking refers to the exploitation of a valid computer session, wherein an attacker takes over a session between two computers.
Overview of session Hijacking
Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers the attackers steals a valid session id, which is used to get into the system and sniff the data
An attacker takes over a TCP session between two machines,since most authentication occur only at the start point to gain access to a machine.
What is Session Hijacking ?
Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers,The attacker steals a valid session id which is used to get into the system and snoop the data,In TCP session hijacking,an attacker takes over a TCP session between two machines,since most authentication only occurs at the start of a TCP session,this allows the attacker to gain access to a machine
Dangers Posed by Hijacking
Key Session Hijacking Techniques
Brute Forcing
The attacker attempts different ids until he suceeds
Calculating
Using non randomly generated ids, an attacker tries to calculate the session ids
Stealing
The attackers uses different techniques to steal session ids
Session hijacking refers to the exploitation of a valid computer session, wherein an attacker takes over a session between two computers.
Overview of session Hijacking
Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers the attackers steals a valid session id, which is used to get into the system and sniff the data
An attacker takes over a TCP session between two machines,since most authentication occur only at the start point to gain access to a machine.
What is Session Hijacking ?
Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers,The attacker steals a valid session id which is used to get into the system and snoop the data,In TCP session hijacking,an attacker takes over a TCP session between two machines,since most authentication only occurs at the start of a TCP session,this allows the attacker to gain access to a machine
Dangers Posed by Hijacking
- Most counter measures do not work unless you use encryption
- Threat of identify theft,information loss,fraud,etc,..
- Hijacking is simple to launch
- Most computers using TCP/IP are vulnerable
- You can do little to protect against it unless you switch to another secure protocol
Key Session Hijacking Techniques
Brute Forcing
The attacker attempts different ids until he suceeds
Calculating
Using non randomly generated ids, an attacker tries to calculate the session ids
Stealing
The attackers uses different techniques to steal session ids
Post a Comment
Thank you for visiting Afridi's Technoworld