CHAPTER 10 Session Hijacking

INTRODUCTION

Session hijacking is the act of taking over a connection of some sort, for example, a network connection, a modem connection or another type of connection. Compared with sniffing, session hijacking is an active attack, while sniffing is a passive attack. The point of hijacking a connection is to exploit trust. As an example, imagine we are able to monitor traffic between two machines, one a server and the other a client. We can catch the root user logging in via Telnet and we have successfully stolen the password.

TYPES OF HIJACKING

TCP Session Hijacking

In TCP hijacking, an attacker pays attention to all the details that go into a TCP connection. A TCP connection includes things like sequence numbers, TCP headers, ACK packets, etc. A TCP connection starts out with the standard TCP three-way handshake: the client sends a SYN packet, the server sends a SYN-ACK packet, and the client responds with an ACK packet and starts to send data or waits for the server to send.

An attacker can hijack the connection in several ways, such as during the initial handshake or before the authentication phase has completed.

TCP Session Hijacking with Packet Blocking

Without packet blocking, an attacker can only inject packets, not remove them. With this technique, an attacker completely controls the transmission of packets between two hosts. In fact, systems that take over connections in this manner exist today; we call them transparent firewalls.

TCP Session Hijacking Tools

There are two widely known tools that can be used for session hijacking:

Juggernaut

Juggernaut was written by route, editor of Phrack magazine. It has two operating modes. The first is to act as a sniffer of sorts, triggering on a particular bit of data. The second is to act as a session hijacker and connection reset tool.

Hunt

Hunt is a tool created by Pavel Krauz. Like Juggernaut, Hunt has sniffing modes and session hijacking modes. Unlike Juggernaut, Hunt adds some ARP tools to perform ARP spoofing in order to get victim hosts to go through an attacking machine. Hunt can also eliminate the ACK storm problems typically associated with a TCP session hijack.

UDP Session Hijacking

In UDP session hijacking, an attacker doesn't need to deal with features like those of TCP, for example, sequence numbers and the ACK mechanism, to do session hijacking.

Terminal Session

These attacks were taking place in the wild back in the beginning of In this attack, an attacker is concerned with the connection between terminal.

HIJACKING PROTECTION

There are a couple of techniques that can be employed to protect against specific hijacking attempts.

Encryption

Ssh

Ssh can replace the functionality of Telnet, ftp, rlogin and rcp. In addition, we can tunnel other protocols like HTTP over an Ssh connection.

SSL

It is obviously available for Web servers, where it is most widely deployed.

It can also be used with POP, SMTP and IMAP.

Storm Watchers

This technique watches for traffic that doesn't match normal retransmissions and duplicate packets. Basically, this is the IDS approach.
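
The storm-watcher idea above can be expressed as two checks over captured TCP segments. The following is an added example, not part of the original slides: the packet tuples are constructed sample data, and the function names, the 1-second window and the threshold of 20 are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample of one Telnet flow: (time_s, src, dst, seq, ack, payload).
SAMPLE = [
    (0.00, "client", "server", 1000, 5000, b"ls\r\n"),
    (0.01, "server", "client", 5000, 1004, b"file.txt\r\n"),
    (0.50, "client", "server", 1000, 5000, b"ls\r\n"),   # genuine retransmission
    (1.00, "client", "server", 1004, 5010, b"id\r\n"),
    (1.01, "client", "server", 1004, 5010, b"rm\r\n"),   # same seq, different bytes
]
# Desynchronised endpoints re-sending the same empty ACKs at each other.
for i in range(50):
    pkt = ("server", "client", 5010, 1012) if i % 2 == 0 else ("client", "server", 1008, 5010)
    SAMPLE.append((2.0 + i * 0.001, *pkt, b""))


def find_conflicting_segments(packets):
    """Flag (src, dst, seq) where a repeated segment carries different bytes."""
    seen, alerts = {}, []
    for _ts, src, dst, seq, _ack, payload in packets:
        if not payload:
            continue
        key = (src, dst, seq)
        old = seen.setdefault(key, payload)
        # A real retransmission may be re-segmented, so compare the overlap only.
        n = min(len(old), len(payload))
        if old[:n] != payload[:n] and key not in alerts:
            alerts.append(key)
    return alerts


def find_ack_storms(packets, window=1.0, threshold=20):
    """Flag host pairs where one identical empty ACK repeats >= threshold times.

    window (seconds) and threshold are assumed tuning values, not from the slides.
    """
    recent, storms = defaultdict(list), set()
    for ts, src, dst, seq, ack, payload in packets:
        if payload:
            continue
        key = (src, dst, seq, ack)
        recent[key] = [t for t in recent[key] if ts - t <= window] + [ts]
        if len(recent[key]) >= threshold:
            storms.add(tuple(sorted((src, dst))))
    return storms


if __name__ == "__main__":
    print("conflicting segments:", find_conflicting_segments(SAMPLE))
    print("ACK storms:", find_ack_storms(SAMPLE))
```

The first check separates a true retransmission (same sequence number, same bytes) from a segment that reuses a sequence number with different content; the second flags the burst of identical empty ACKs that the slides call an ACK storm.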