1 |
Session hijacking scenario:
-
A telnets to B to get some work done
-
Attacker resets connection to A
-
Attacker kicks of A and takes over the session to B. The logs will show that A made all changes
|
2 |
Other tools: Juggernout, TTYWatcher, IPWatcher
|
3 |
Defenses: use strong authentication (SSH), do not telnet to critical computers
|