This connection hijacking scenario and the proxy program used were developed by Laszlo Toth and presented at Hackactivity 2009 (http://soonerorlater.hu/index.khtml?article_id=514).The flash presentation can be viewed at http://soonerorlater.hu/flash/pytnsproxy_1.htm.

This is a classic scenario and example of a man in the middle (MITM) attack in which an interposed attacker hijacks a client connection.

For this scenario we will use three hosts: database server (noderorcl1), Oracle client (nodeorcl5), and attacker host (mitmattack). The scenario will be performed using Oracle 11.0.1.6 Enterprise Edition on all hosts. The attacker host will be configured on a virtual machine running Fedora 11 x 84 (Leonidas # 1 SMP ...