Session Hijacking, Spoofing, and Man-in-the-Middle Attacks

Attacks on systems and networks can involve falsification of credentials or misrepresentation. This collection of attacks involves a hacker posing as another entity or sending messages that their system is actually a different machine. These attacks include session hijacking, spoofing, and man-in-the middle attacks.

Session Hijacking

Session hijacking occurs when a hacker is able to take over a connection after a client has authenticated with a server (FIGURE 2-8). To perform this attack, a hacker must eavesdrop on the session to learn details, such as the addresses of the session endpoints and the sequencing numbers. With this information, the hacker can desynchronize the client, ...

Get Network Security, Firewalls, and VPNs, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.