Session Hijacking Attack

From Guidance Share


Description

Also known as man in the middle attacks, session hijacking deceives a server or a client into accepting the upstream host as the legitimate host it intended to talk to. In reality, the upstream host is an attacker's host that is manipulating the network so that it appears to be the desired destination.


Vulnerabilities

  • Poor or predictable session identifiers
  • Long session timeouts
  • Insecure communication channel (lacking confidentiality protection)


Countermeasures

  • Use strong random numbers for session identifiers (e.g., GUIDs)
  • Use shorter session timeout windows
  • Use SSL or IPSec with encryption to establish a secure communication channel
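The following is an added example, not code from the Guidance Share page, showing the first two countermeasures in a minimal server-side session store: identifiers drawn from the operating system's CSPRNG via Python's secrets module, and both an idle and an absolute timeout enforced on every lookup. The timeout values, the user names and the injectable clock are constructed for illustration; the weak_session_id function is included only as the "poor or predictable identifier" case the Vulnerabilities section warns about, so the two can be compared.

```python
import math
import secrets
import time
from dataclasses import dataclass

SESSION_ID_BYTES = 32              # 256 bits of entropy from the OS CSPRNG
IDLE_TIMEOUT_SEC = 15 * 60         # constructed value: expire after 15 minutes of inactivity
ABSOLUTE_TIMEOUT_SEC = 8 * 3600    # constructed value: never let a session outlive 8 hours


def weak_session_id(counter: int) -> str:
    """The vulnerable pattern: a sequential, zero-padded counter.
    Anyone who sees one identifier can guess its neighbours."""
    return f"{counter:08d}"


def strong_session_id() -> str:
    """The countermeasure: an unguessable identifier from the CSPRNG
    (43 URL-safe characters for 32 bytes of input)."""
    return secrets.token_urlsafe(SESSION_ID_BYTES)


def guess_space_bits(space_size: int) -> float:
    """Entropy, in bits, of an identifier space with `space_size` members."""
    return math.log2(space_size)


@dataclass
class Session:
    user: str
    created: float    # epoch seconds when the session was issued
    last_seen: float  # epoch seconds of the most recent valid request


class SessionStore:
    """In-memory store that issues strong identifiers and enforces timeouts.

    `clock` is injectable so the expiry logic can be exercised without waiting."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT_SEC,
                 absolute_timeout=ABSOLUTE_TIMEOUT_SEC, clock=time.time):
        self._sessions: dict[str, Session] = {}
        self.idle_timeout = idle_timeout
        self.absolute_timeout = absolute_timeout
        self.clock = clock

    def create(self, user: str) -> str:
        now = self.clock()
        sid = strong_session_id()
        self._sessions[sid] = Session(user=user, created=now, last_seen=now)
        return sid

    def lookup(self, sid: str):
        """Return the user bound to a valid session id, or None if the id is
        unknown, idle for too long, or past its absolute lifetime.
        Expired sessions are removed so a later replay of the id also fails."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        now = self.clock()
        idle_expired = now - session.last_seen > self.idle_timeout
        absolute_expired = now - session.created > self.absolute_timeout
        if idle_expired or absolute_expired:
            self.destroy(sid)
            return None
        session.last_seen = now
        return session.user

    def destroy(self, sid: str) -> None:
        """Server-side logout: forget the session regardless of the client."""
        self._sessions.pop(sid, None)


if __name__ == "__main__":
    print("sequential 8-digit id space:", round(guess_space_bits(10 ** 8), 1), "bits")
    print("32-byte random id space:   ", round(guess_space_bits(2 ** 256), 1), "bits")
    store = SessionStore()
    sid = store.create("alice")
    print("issued:", sid, "->", store.lookup(sid))
```

The absolute timeout matters even when the user stays active: a hijacked identifier that is replayed continuously would otherwise keep itself alive forever through the idle timer alone. Removing the session record on expiry, rather than only rejecting the request, closes the same gap.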