Session Hijacking

Table of contents:


  • Passive sniffing is performed when the user is on a hub. Because the user is on a hub, all traffic is sent to all ports.
  • Server versions of Windows cannot be upgraded to Windows XP Professional.
  • MAC flooding and ARP poisoning are the two ways that the attacker can attempt to overcome the switch.
  • MAC flooding is the act of attempting to overload the switches content addressable memory (CAM) table.
  • ARP poisoning is the second method that can be used to overcome switches.
  • ARP is how network devices associate a specific MAC addresses with IP addresses so that devices on the local network can find each other.
  • The ARP cache stores the IP address, the MAC address, and a timer for each entry.

Table FF.6. IP Forwarding Syntax

Operating System




Enter the following command: to edit /proc: 1=Enabled, 0=Disabled

echo 1 > /proc/sys/net/ipv4/ip_forward

Windows 2000, XP, and 2003

Edit the following value in the registry: 1=Enabled, 0=Disabled

IPEnableRouter Location:






Data type: REG_DWORD


Valid range: 01


Default value: 0


Present by default: Yes

Denial of Service

Part I: Exam Preparation

The Business Aspects of Penetration Testing

The Technical Foundations of Hacking

Footprinting and Scanning

Enumeration and System Hacking

Linux and Automated Security Assessment Tools

Trojans and Backdoors

Sniffers, Session Hijacking, and Denial of Service

Web Server Hacking, Web Applications, and Database Attacks

Wireless Technologies, Security, and Attacks

IDS, Firewalls, and Honeypots

Buffer Overflows, Viruses, and Worms

Cryptographic Attacks and Defenses

Physical Security and Social Engineering

Part II: Final Review

Part III: Appendixes

Appendix A. Using the ExamGear Special Edition Software

Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg © 2008-2020.
If you may any questions please contact us: