Session Hijacking


  • Passive sniffing is performed when the user is on a hub. Because the user is on a hub, all traffic is sent to all ports.
  • Server versions of Windows cannot be upgraded to Windows XP Professional.
  • MAC flooding and ARP poisoning are the two ways that the attacker can attempt to overcome the switch.
  • MAC flooding is the act of attempting to overload the switches content addressable memory (CAM) table.
  • ARP poisoning is the second method that can be used to overcome switches.
  • ARP is how network devices associate a specific MAC addresses with IP addresses so that devices on the local network can find each other.
  • The ARP cache stores the IP address, the MAC address, and a timer for each entry.

Table FF.6. IP Forwarding Syntax

Operating System




Enter the following command: to edit /proc: 1=Enabled, 0=Disabled

echo 1 > /proc/sys/net/ipv4/ip_forward

Windows 2000, XP, and 2003

Edit the following value in the registry: 1=Enabled, 0=Disabled

IPEnableRouter Location:






Data type: REG_DWORD


Valid range: 01


Default value: 0


Present by default: Yes

Denial of Service

Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg
Simiral book on Amazon © 2008-2017.
If you may any questions please contact us: