Session Hijacking (会话劫持)

Session Hijacking

  Also referred to as TCP session hijacking, a security attack on a user session over a protected network. The most common method of session hijacking is called IP spoofing, when an attacker uses source-routed IP packets to insert commands into an active communication between two nodes on a network and disguising itself as one of the authenticated users. This type of attack is possible because authentication typically is only done at the start of a TCP session. Another type of session hijacking is known as a man-in-the-middle attack, where the attacker, using a sniffer, can observe the communication between devices and collect the data that is transmitted.

  会话劫持

  也叫 TCP会话劫持,它是在受保护的网络上对用户的会话进行安全攻击。会话劫持最常见的方式叫IP欺骗,攻击者利用源路由的IP包,将命令插入网络上两节点之间正在进行的通信中,把自己伪装成一个被认证过的用户。由于通常只在TCP会话开始时进行认证,所以此类攻击是可能的。另一类会话劫持被叫做中间人攻击,攻击者利用探测程序,可以观测到设备之间的通信,并收集发送出去的数据。

posted @ 2009-12-07 13:49  独奏者  阅读(1511)  评论(0编辑  收藏  举报