Session Hijacking (2)

• Session hijacking scenario:

  • A telnets to B to get some work done
  • Attacker resets connection to A
  • Attacker kicks of A and takes over the session to B. The logs will show that A made all changes

• Other tools: Juggernout, TTYWatcher, IPWatcher

• Defenses: use strong authentication (SSH), do not telnet to critical computers

Previous slide

Next slide

Back to first slide

View graphic version