Basic HTML version of Foils prepared
May 19 99
Foil 32 Session Hijacking (2)
From
Computer Crimes: Examples of Network Security attacks Tango Group Internal Technology Seminars --
April 23 99
.
by
Roman Markowski
Session hijacking scenario:
A telnets to B to get some work done
Attacker resets connection to A
Attacker kicks off A and takes over the session to B. The logs will show that A made all changes
Other tools: Juggernout, TTYWatcher, IPWatcher
Defenses: use strong authentication (SSH), do not telnet to critical computers
©
Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu
If you have any comments about this server, send e-mail to
webmaster@npac.syr.edu
.
Page produced by
wwwfoil
on Mon Aug 16 1999
Basic HTML version of Foils prepared May 19 99
