Active Sessions


An active session is a user's connection after he has authenticated his identity and has been granted privileges. If a hacker can access a session in this state, he can get access without the need for authentication. He can interact with the system as the user whose session it was.

Unattended Sessions

An unattended session occurs whenever a user leaves a session active when it is not being used. This gives anyone who has access to the terminal device access to that session. As far as the system is concerned, he or she is the person who left the session unattended: he or she has all the privileges of that user and can perform any operation that user could perform. Unattended sessions generally occur when someone physically steps away from his or her terminal or PC without logging off or locking it. Setting automatic log-off or terminal locking features for idle sessions will help, but user awareness is critical to reducing this vulnerability.
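As an added illustration (not code from the book), the following script audits for idle sessions by parsing the IDLE column of `who -u` output. The sample lines are constructed, the column layout assumed is the GNU coreutils one, and the 15-minute limit is an assumed policy value.

```python
import re

IDLE_LIMIT_MIN = 15  # assumed policy threshold, not taken from the book

# Constructed sample of `who -u` output (GNU coreutils layout):
# NAME LINE DATE TIME IDLE PID [COMMENT]
SAMPLE_WHO_U = """\
alice    pts/0        2024-05-01 09:12   .          2345 (10.0.0.5)
bob      pts/1        2024-05-01 08:03 02:17        1988 (10.0.0.9)
carol    tty1         2024-04-29 17:40  old         1201
dave     pts/2        2024-05-01 09:01 00:09        2410 (10.0.0.7)
"""

def idle_minutes(field):
    """Convert the IDLE column to minutes.

    '.'     activity within the last minute
    'old'   idle for more than 24 hours (reported here as 24 h)
    'HH:MM' idle for that long
    """
    if field == ".":
        return 0
    if field == "old":
        return 24 * 60
    m = re.fullmatch(r"(\d{1,2}):(\d{2})", field)
    if not m:
        raise ValueError(f"unrecognised idle field: {field!r}")
    return int(m.group(1)) * 60 + int(m.group(2))

def unattended_sessions(who_output, limit_min=IDLE_LIMIT_MIN):
    """Return (user, line, pid, idle_minutes) for sessions idle past the limit."""
    flagged = []
    for raw in who_output.splitlines():
        parts = raw.split()
        if len(parts) < 6:
            continue  # blank or malformed line
        user, line, idle, pid = parts[0], parts[1], parts[4], int(parts[5])
        minutes = idle_minutes(idle)
        if minutes >= limit_min:
            flagged.append((user, line, pid, minutes))
    # Longest-idle first, so the most exposed terminals are reviewed first
    return sorted(flagged, key=lambda s: s[3], reverse=True)

if __name__ == "__main__":
    for user, line, pid, minutes in unattended_sessions(SAMPLE_WHO_U):
        print(f"{user} on {line} (pid {pid}) idle for at least {minutes} min")
```

On a live system the same function can be fed the captured output of `who -u`; the flagged PIDs identify the login processes an administrator would review or terminate under the site's idle-session policy.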

Session Hijacking

Hijacking is the process of interrupting the communications between the server and the client systems so that the attacker is able to insert information into the session or completely take over the session. Hijacking is accomplished by being able to spoof the communication protocol. Some implementations of the TCP protocol use very predictable sequence numbers, which allows someone on the network to intercept and take over the session.

Researchers at the University of Maryland found that by using tools developed as part of the Open1x project, an open source implementation of the IEEE protocol, they could perform session hijacking and man-in-the-middle attacks on wireless LANs. The wireless security standard brought in to replace the flawed Wireless Encryption Protocol (WEP) is just as defective.

Lars Davies, research fellow at the Centre for Commercial Law Studies, warned network managers to remain on guard where wireless was concerned. "If you use a wireless network, you are essentially open to the world." [47]

[47] Allen, Paul and Millman, Rene, "Robust Wireless Standard is Flawed," IT Week, 22 February 2002.



Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
Year: 2002
Pages: 210