Trojans and Backdoors

Session Hijacking

  • Spoofing is the act of pretending to be someone else, whereas hijacking involves taking over an active connection.
  • For hijacking to be successful, several things must be accomplished. Identify and find an active session, predict the sequence number, take one of the parties offline, and take control of the session.
  • A fundamental design of TCP is that every byte of data transmitted must have a sequence number. The sequence number is used to keep track of the data and to provide reliability.
  • Using encrypted protocols such as SSH can make session hijacking more difficult for the attacker.

Hacking Web Servers





Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg
Simiral book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net