Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSCE 548 Student Presentation By Manasa Suthram

Published byPierce Lucas Modified over 7 years ago

Similar presentations

Presentation on theme: "CSCE 548 Student Presentation By Manasa Suthram"— Presentation transcript:

1 CSCE 548 Student Presentation By Manasa Suthram
Session Hijacking CSCE 548 Student Presentation By Manasa Suthram

2 What is Session Hijacking?[1]
Attacks that take over an active TCP/IP communication without the user’s permission or knowledge. Attackers enjoy the same access of resources as the compromised user. Network protocols like Telnet, FTP are especially attractive to attackers.

3 Different Types of Session Hijack Attacks[1]
Active: Original user has logged in his account and then attacker steals the cookies to hijack the active session Passive: attackers capture the login credentials by observing the user’s new connection with the server Hybrid: combination of both active and passive attack.

4 What makes the attack so dangerous?[2]
These attacks cannot be eliminated by software patches, complex passwords or multi-factor authentication. Root cause lies in the design implementation to inherent to the TCP/IP protocols. All machines regardless of OS or hardware architecture are vulnerable to this attack. Compromises all three sides of the CIA triad.

5 Procedural Overview of Session Hijacking[1]
Step 1: Locating a target Step 2: Find an active session Step 3: Perform sequence number prediction Step 4: Take one of the parties offline Step 5: Take over the session and maintain the connection

6 Example[1] Normal Telnet Traffic Forcing ARP entry

7 Hijack Traffic Telnet Packet with incorrect MAC address

8 Complete session Hijack of a Telnet Session
ACK storm

9 Tools to Session Hijack[1][2]
Juggernaut: runs only on LINUX OS. Hunt: Unix based software application T-Sight: Windows OS Wireshark or Kismet: for wireless networks

10 Detecting Session Hijack Attacks[1][2]
Packet sniffers: to scan signatures of an attack -Used often as an investigation tool Intrusion Detection System (IDS) Encrypt end-to-end Use session ID monitors: BlackSheep

11 Session Hijacking Remediation[1]
Defence in depth strategy has to be applied

12 Conclusion[1][2] Session Hijacking is still considered as one of the top few risks on the web today. Defending session hijack is difficult because it is independent of software and hardware architectures. Many factors come into picture to reduce user’s exposure to this attack like firewall configuration, IPSec, secure FTP, Telnet etc.

13 References room/whitepapers/windows/session-hijacking- windows-networks-2124 n-hijacking-and-web-based-attacks hacking-session-hijacking

Download ppt "CSCE 548 Student Presentation By Manasa Suthram"

Similar presentations

Module X Session Hijacking

Module X Session Hijacking
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Sniffing, Spoofing, Hijacking This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added.

Sniffing, Spoofing, Hijacking This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Sniffing the sniffers - detecting passive protocol analysers John Baldock, Intel Corp Craig Duffy, Bristol UWE.

Sniffing the sniffers - detecting passive protocol analysers John Baldock, Intel Corp Craig Duffy, Bristol UWE.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.

Firewalls Presented By Hareesh Pattipati. Outline Introduction Firewall Environments Type of Firewalls Future of Firewalls Conclusion.
COEN 252: Computer Forensics Router Investigation.

COEN 252: Computer Forensics Router Investigation.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Telnet/SSH: Connecting to Hosts Internet Technology1.

Telnet/SSH: Connecting to Hosts Internet Technology1.
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.
LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.

LINUX Security, Firewalls & Proxies. Course Title Introduction to LINUX Security Models Objectives To understand the concept of system security To understand.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

Similar presentations

Ads by Google