Basic HTML version of Foils prepared July 6 99

Foil 86 Session Hijacking (2)

From Security Infrastructure for Electronic Commerce and Internet, CPS714 Computational Science Information Track -- June 2 and June 7 99, by Roman Markowski


Session hijacking scenario:
  • A telnets to B to get some work done
  • Attacker resets connection to A
  • Attacker kicks A off and takes over the session to B. The logs will show that A made all changes
Other tools: Juggernaut, TTYWatcher, IPWatcher
Defenses: use strong authentication (SSH), do not telnet to critical computers
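
A detection heuristic for the scenario above, as an added example that is not part of the original foils: it flags a telnet flow in which a reset was sent to A while data carrying A's address kept arriving at B. The record format, the function name and the addresses are assumptions constructed for illustration, and the sensor is assumed to see both directions of the traffic.

```python
from collections import namedtuple

# One record per observed TCP segment (constructed format, e.g. parsed from a capture).
Pkt = namedtuple("Pkt", "ts src sport dst dport flags length")

def find_hijack_candidates(packets, server_port=23):
    """Flag flows where a RST went to the client yet client-side data kept reaching the server."""
    reset_at = {}   # flow -> time of the first RST addressed to the client
    alerts = {}     # flow -> summary of data seen after that RST
    for p in sorted(packets, key=lambda p: p.ts):
        if p.sport == server_port:                      # server -> client direction
            flow = (p.dst, p.dport, p.src, p.sport)
            if "R" in p.flags:
                reset_at.setdefault(flow, p.ts)
        elif p.dport == server_port:                    # client -> server direction
            flow = (p.src, p.sport, p.dst, p.dport)
            if p.flags == "S":
                reset_at.pop(flow, None)                # new connection reusing the 4-tuple
            elif flow in reset_at and p.length > 0:
                a = alerts.setdefault(flow, {"flow": flow, "reset_ts": reset_at[flow],
                                             "bytes_after_reset": 0})
                a["bytes_after_reset"] += p.length
    return list(alerts.values())

A, B, C = "192.0.2.10", "192.0.2.20", "192.0.2.30"   # constructed documentation addresses
SAMPLE = [                                            # constructed sample traffic
    Pkt(1.0, A, 40000, B, 23, "S", 0),
    Pkt(1.1, B, 23, A, 40000, "SA", 0),
    Pkt(1.2, A, 40000, B, 23, "A", 0),
    Pkt(2.0, A, 40000, B, 23, "PA", 12),
    Pkt(3.0, B, 23, A, 40000, "R", 0),     # A is reset
    Pkt(3.5, A, 40000, B, 23, "PA", 20),   # but B still receives data "from A"
    Pkt(4.0, A, 40000, B, 23, "PA", 8),
    Pkt(5.0, C, 40001, B, 23, "PA", 5),    # ordinary session from C
    Pkt(5.5, B, 23, C, 40001, "R", 0),     # reset followed by silence: not flagged
]

if __name__ == "__main__":
    for alert in find_hijack_candidates(SAMPLE):
        print(alert)
```

A reset that B itself sent would end the connection on B as well, so client-side data continuing after the reset is the anomaly worth alerting on.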



© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu


Page produced by wwwfoil on Tue Jul 6 1999