Session Hijacking (1)

• Allows an attacker to steal, share, terminate, monitor and log any terminal session that is in progress

• Session stolen across the network

• bypass all forms of strong authentication

• HUNT, session hijacking tool written in November 1998: http://www.rootshell.com allows insertion of commands or takeover of session

• What can be hijacked: telnet, rlogin, rsh, ftp

Previous slide

Next slide

Back to first slide

View graphic version