fc_11_session_hijacking Flashcards

Question 1

Q

What is session hijacking?

Answer

A

Session hijacking refers to an attack where an attacker takes over a valid TCP communication session between two computers
Since most authentication only occurs at the start of a TCP session, this allows the attacker to gain access to a machine
Attackers can sniff all the traffic from the established TCP sessions and perform identity theft, information theft, fraud, etc. The attacker steals a valid session ID and uses it to authenticate himself with the server
A session hijacking attack refers to the exploitation of a session-token generation mechanism or token security controls so that the attacker can establish an unauthorized connection with a target server.

Question 2

Q

Why are session hijacking attacks successful?

Answer

A

No account lockout out for invalid session ID
Weak Session ID generation algoritm or small session IDs
Insecure handling of session id
indefinate session expiration time
Countermeasures dont work unless you use encryption
Most computers using TCP/IP are vulnerable

Question 3

Q

Session Hijacking Processes 5 steps ka diagram

Question 4

Q

Packet Analysis of a Local Session Hijack (not ratta)

Question 5

Q

Types of Session Hijacking (read)

Question 6

Q

Session Hijacking in OSI Model

Question 7

Q

Spoofing vs. Hijacking

Question 8

Q

Application Level Session Hijacking

Question 9

Q

Compromising Session IDs using Sniffing and by Predicting Session Token

Question 10

Q

How to Predict a Session Token

Question 11

Q

Compromising Session IDs Using Man-in-the-Middle Attack

Question 12

Q

Compromising Session IDs Using Man-in-the-Browser Attack

Question 13

Q

Steps to Perform Man-in-the-Browser Attack

Question 14

Q

Compromising Session IDs Using Client-side Attacks

Question 15

Q

Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack

Question 16

Q

Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack

Question 17

Q

Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack

Question 18

Q

Compromising Session IDs Using Session Replay Attack

Question 19

Q

Compromising Session IDs Using Session Fixation

Question 20

Q

Session Hijacking Using Proxy Servers

Question 21

Q

Session Hijacking Using Forbidden Attack

Question 22

Q

Network-level Session Hijacking

Question 23

Q

TCP/IP Hijacking

Question 24

Q

IP Spoofing: Source Routed Packets

Question 25

Q

RST Hijacking

Question 26

Q

Blind and UDP Hijacking

Question 27

Q

MiTM Attack Using Forged ICMP and ARP Spoofing

Question 28

Q

Session Hijacking Tools

Question 29

Q

Session Hijacking Tools for Mobile

Question 30

Q

Session Hijacking Detection Methods

Question 31

Q

Protecting against Session Hijacking

Question 32

Q

Methods to Prevent Session Hijacking: To be Followed by Web Developers

Question 33

Q

Methods to Prevent Session Hijacking: To be Followed by Web Users

Question 34

Q

Session Hijacking Detection Tools

Question 35

Q

Approaches Vulnerable to Session Hijacking and their Preventative Solutions

Question 36

Q

Approaches to Prevent Session Hijacking

Question 37

Q

IPSec

Question 38

Q

IPSec

Question 39

Q

IPsec Authentication and Confidentiality

Question 40

Q

Session Hijacking Prevention Tools

Question 41

Q

Session Hijacking Pen Testing