Basic HTML version of Foils prepared July 6 99

Foil 85 Session Hijacking (1)

From Security Infrastructure fo Electronic Commerce and Internet CPS714 Computational Science Information Track -- June 2 and June 7 99. by Roman Markowski
1 Allows an attacker to steal, share, terminate, monitor and log any terminal session that is in progress
2 Session stolen across the network
3 bypass all forms of strong authentication
4 HUNT, session hijacking tool written in November 1998: http://www.rootshell.com allows insertion of commands or takeover of session
5 What can be hijacked: telnet, rlogin, rsh, ftp
in Table To:

© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Tue Jul 6 1999