Penetration Testing and Network Defense

 < Day Day Up > 

Will Turner: We're going to steal a ship? That ship?

Jack Sparrow: Commandeer. We're going to commandeer that ship. Nautical term.

Pirates of the Caribbean: The Curse of the Black Pearl (2003, Disney/Jerry Bruckheimer Inc.)

In most pirate movies, an unprepared ship is overtaken by a crew of pirates. This hijacking happens as the ship is en route to its destination with its cargo as it has probably done many times before.

Session hijacking is similar to pirates taking over a cargo ship. You hijack an existing session of a host en route to your target. The target has no idea that the session has been hijacked and grants you permission as if you were an authorized host.

In Chapter 5, "Performing Host Reconnaissance," you read about performing reconnaissance techniques to discover information about your target. Now that you have gathered information, you can attempt attacks to breach the security of the target. One of the ways to do this is through session hijacking.

This chapter covers session hijacking techniques and tools in addition to methods that detect and protect against these attacks.

     < Day Day Up > 

    Категории