Write short note on Session hijacking
Write short note on Session hijacking.

TCP session hijacking is a security attack on a user session over a protected network. The most common method of session hijacking is called IP spoofing, where an attacker uses source-routed IP packets to insert commands into an active communication between two nodes on a network and disguises itself as one of the authenticated users. This type of attack is possible because authentication typically is only done at the start of a TCP session.

Another type of session hijacking is known as a man-in-the-middle attack, where the attacker, using a sniffer, can observe the communication between devices and collect the data that is transmitted.

Different ways of session hijacking:

There are many ways to do Session Hijacking. Some of them are given below:

- Using Packet Sniffers: In the above figure, it can be seen that the attacker captures the victim's session ID to gain access to the server by using some packet sniffers.
- Cross Site Scripting (XSS Attack): The attacker can also capture the victim's Session ID using an XSS attack by using JavaScript. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the attacker.
- IP Spoofing: Spoofing is pretending to be someone else. This is a technique used to gain unauthorized access to the computer with an IP address of a trusted host. In implementing this technique, the attacker has to obtain the IP address of the client and inject his own packets spoofed with the IP address of the client into the TCP session, so as to fool the server that it is communicating with the victim, i.e. the original host.
- Blind Attack: If the attacker is not able to sniff packets and guess the correct sequence number expected by the server, brute force combinations of sequence number can be tried.

To defend a network against session hijacking, a defender has to implement security measures at both the Application level and the Network level. Network level hijacks can be prevented by ciphering the packets so that the hijacker cannot decipher the packet headers to obtain any information which will aid in spoofing. This encryption can be provided by using protocols such as IPSEC, SSL, SSH etc. Internet security protocol (IPSEC) has the ability to encrypt the packet on some shared key between the two parties involved in communication. IPsec runs in two modes: Transport and Tunnel.

In Transport Mode only the data sent in the packet is encrypted, while in Tunnel Mode both packet headers and data are encrypted, so it is more restrictive.

Session hijacking is a serious threat to networks and web applications on the web, as most systems are vulnerable to it.

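An added application-level example (not part of the answer above or of the Eduladder page), in Python, showing server-side session handling that addresses the capture routes the answer lists: the Secure and HttpOnly cookie attributes against sniffing and XSS, a CSPRNG-generated ID against guessing, and ID rotation so that a previously captured ID stops working. The in-memory store and SESSION_TTL_SECONDS are assumptions made for the demonstration.

```python
import hashlib
import secrets
import time

SESSION_TTL_SECONDS = 900  # constructed lifetime for this example


def new_session_id():
    """128 bits from the OS CSPRNG: unlike a counter, timestamp or short
    sequence number, it cannot be predicted or brute-forced in practice."""
    return secrets.token_urlsafe(16)


def session_cookie_header(session_id):
    """Set-Cookie line that blunts the capture vectors named in the answer:
    Secure   -> the browser never sends it over plaintext HTTP, so a packet
                sniffer on the path never sees the ID in the clear
    HttpOnly -> document.cookie cannot read it, so script injected by XSS
                cannot exfiltrate it
    SameSite -> the cookie is not attached to cross-site requests"""
    return "Set-Cookie: sid=%s; Secure; HttpOnly; SameSite=Strict; Path=/" % session_id


def _key(session_id):
    # Store only a hash of the ID: a dumped store yields nothing reusable, and
    # the dict lookup works on fixed-length digests rather than the secret.
    return hashlib.sha256(session_id.encode()).hexdigest()


class SessionStore:
    def __init__(self):
        self._sessions = {}  # digest of ID -> (user, expiry time)

    def create(self, user, now=None):
        now = time.time() if now is None else now
        sid = new_session_id()
        self._sessions[_key(sid)] = (user, now + SESSION_TTL_SECONDS)
        return sid

    def lookup(self, presented, now=None):
        """Return the user for a presented ID, or None if unknown or expired."""
        now = time.time() if now is None else now
        entry = self._sessions.get(_key(presented))
        if entry is None:
            return None
        user, expires = entry
        if now > expires:  # expired sessions are dropped, not extended
            del self._sessions[_key(presented)]
            return None
        return user

    def rotate(self, presented, now=None):
        """Issue a fresh ID (e.g. right after login) and invalidate the old one,
        so any copy of the old ID captured earlier no longer works."""
        user = self.lookup(presented, now)
        if user is None:
            return None
        del self._sessions[_key(presented)]
        return self.create(user, now)
```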