Dangers Posed by Session Hijacking

TCP session hijacking is a dangerous attack because most systems are vulnerable to it: they use TCP/IP as their primary communication protocol. Newer operating systems try to protect against session hijacking by using pseudo-random number generators to calculate the initial sequence number (ISN), which makes the sequence number harder to guess. However, this measure is ineffective if the attacker is able to sniff packets, because sniffing gives the attacker all the information required to perform the attack.

The following are reasons why it's important for a CEH to be aware of session hijacking:
  • Most computers are vulnerable.
  • Few countermeasures are available to adequately protect against it.
  • Session hijacking attacks are simple to launch.
  • Hijacking is dangerous because of the information that can be gathered during the attack.
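
The ISN point above can be checked on a host you administer. The following is an added example, not part of the original text: it takes ISNs recorded from consecutive connections and measures how narrow the window for the next value is. Both sample lists, the 64000 step and the 2^20 threshold are constructed for illustration.

```python
"""Audit how guessable a host's TCP initial sequence numbers (ISNs) are."""

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def isn_deltas(isns):
    """Differences between consecutive ISNs, modulo 2^32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]


def guess_space(isns):
    """Width of the window the next ISN falls into, judged from the
    spread of the observed deltas. 1 means the next value is certain."""
    deltas = isn_deltas(isns)
    return max(deltas) - min(deltas) + 1


def classify(isns, threshold=2 ** 20):
    """'predictable' if the window is narrower than `threshold`
    (an arbitrary cut-off chosen for this example)."""
    return "predictable" if guess_space(isns) < threshold else "randomized"


# Constructed sample: a legacy-style stack that adds a fixed step per
# connection. The start value is chosen so the counter wraps past 2^32.
LEGACY = [(2 ** 32 - 100000 + i * 64000) % MOD for i in range(8)]

# Constructed sample: values with no fixed relationship between them,
# standing in for a stack that derives the ISN from a PRNG.
RANDOMIZED = [0x1A2B3C4D, 0x9F00E123, 0x03C4D5E6, 0xE7F80912,
              0x5566AA01, 0xB0B1C2D3, 0x2468ACE0, 0xFEDCBA98]

if __name__ == "__main__":
    for name, sample in (("legacy", LEGACY), ("randomized", RANDOMIZED)):
        print(f"{name:10s} window={guess_space(sample):>10d} "
              f"-> {classify(sample)}")
    # This metric only covers a party that has to guess. Anyone who can
    # read the traffic sees the sequence numbers in the TCP headers, so
    # ISN randomization does not help there; encrypting the session does.
```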

