Basic HTML version of Foils prepared May 19 99

Foil 31 Session Hijacking (1)

From Computer Crimes: Examples of Network Security attacks Tango Group Internal Technology Seminars -- April 23 99. by Roman Markowski
Allows an attacker to steal, share, terminate, monitor and log any terminal session that is in progress
Session stolen across the network
HUNT, session hijacking tool written in November 1998: http://www.rootshell.com allows insertion of commands or takeover of session
What can be hijacked: telnet, rlogin, rsh, ftp

© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Mon Aug 16 1999