Session Hijacking
An attacker takes a user offline and takes over the existing session.
- Passive - attacker hijacks a session, and records traffic intended for original user
- Active - attacker hijacks a session and interacts with the other system(s)
- Session Hijacking protocol
- Find a target
- Perform sequence prediction
- Use nmap to determine the feasibility of this
- use packet sniffer to get sequence numbers
- Find an active session
- Guess the sequence numbers
- take one of the parties offline
- take over the session
- Programs that perform hijacking
- Juggernaut
- Hunt
- TTY Watcher - free
- IP Watcher - commercial
Please mail any comments about this page to wsummers@cs.nmhu.edu