Web Log of Aleksey Nudelman: Thoughts on Software Architecture

Analysis and Review of Microsoft Technologies for IT Managers, Architects and Developers



01/03/2005: "Session hijacking"


When computers need to talk to each other, they simply do so. But, how do you know that your computer is really talking to the computer it thinks it's talking to?

How do you know that an attacker has not taken over the session between the computers and is passively monitoring the conversation, or even changing it? You would certainly know it—belatedly—if the order for 1,000 widgets that you sent to a business partner was received as an order for 100,000 widgets. This can happen, courtesy of a well-timed strike by an intruder.

Right now, you might be asking:

"How does this work?"
"Is my network susceptible to this?"
"What can I do to prevent this from happening?"

Session hijacking takes advantage of the fact that most communications authenticate the parties (by presenting credentials) only at session setup, with no further check on the messages that follow. These attacks generally fall into three categories: Man-in-the-middle (MITM), Blind Hijack, and Session Theft.
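As an added illustration that is not part of the original post, the Python below contrasts the setup-only check the post describes with per-message authentication tied to a session key; the session key, message format and widget-order payloads are constructed for the example.

```python
import hmac
import hashlib
import secrets
from typing import Optional

# Weak design: once the session was authenticated at setup, every later
# message is taken at face value, so an in-path change of the quantity
# ("1,000" to "100,000") is accepted without any way to notice it.
def weak_receive(session_established: bool, msg: dict) -> Optional[dict]:
    return msg if session_established else None

class AuthenticatedSession:
    """Per-message HMAC over (sequence number, payload) under the session key."""
    def __init__(self, key: bytes):
        self.key = key        # assumed to be derived by both ends at setup
        self.send_seq = 0
        self.recv_seq = 0

    def _tag(self, seq: int, payload: bytes) -> bytes:
        return hmac.new(self.key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()

    def send(self, payload: bytes) -> dict:
        msg = {"seq": self.send_seq, "payload": payload, "tag": self._tag(self.send_seq, payload)}
        self.send_seq += 1
        return msg

    def receive(self, msg: dict) -> Optional[bytes]:
        # Refuse replayed or out-of-order messages, then verify the tag in constant time.
        if msg["seq"] != self.recv_seq:
            return None
        if not hmac.compare_digest(msg["tag"], self._tag(msg["seq"], msg["payload"])):
            return None
        self.recv_seq += 1
        return msg["payload"]

def demo() -> tuple:
    key = secrets.token_bytes(32)  # constructed session key shared by both ends
    sender, receiver = AuthenticatedSession(key), AuthenticatedSession(key)
    order = sender.send(b"ORDER widgets qty=1000")
    # Weak design: a modified quantity sails through.
    weak_result = weak_receive(True, {"payload": b"ORDER widgets qty=100000"})
    # Hardened design: the same modification fails the per-message check ...
    tampered = dict(order, payload=b"ORDER widgets qty=100000")
    rejected = receiver.receive(tampered)
    # ... the genuine message is accepted once, and a replay of it is refused.
    accepted = receiver.receive(order)
    replayed = receiver.receive(order)
    return weak_result["payload"], rejected, accepted, replayed
```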

Copyright© 2006 Aleksey Nudelman