Session Hijacking, Spoofing, and Man-in-the-Middle Attacks

Attacks on systems and networks can involve falsification of credentials or misrepresentation. This collection of attacks involves a hacker posing as another entity or sending messages that their system is actually a different machine. These attacks include session hijacking, spoofing, and man-in-the middle attacks.

Session Hijacking

Session hijacking occurs when a hacker is able to take over a connection after a client has authenticated with a server (FIGURE 2-8). To perform this attack, a hacker must eavesdrop on the session to learn details, such as the addresses of the session endpoints and the sequencing numbers. With this information, the hacker can desynchronize the client, ...

Get Network Security, Firewalls, and VPNs, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.