Ethical Hacker Community Forums

Ethical Hacking Discussions and Related Certifications => CEH - Official Course Modules v5 => Topic started by: don on November 15, 2006, 11:34:19 AM


Title: CEH v5 Module 10: Session Hijacking
Post by: don on November 15, 2006, 11:34:19 AM
 What is Session Hijacking?
 Spoofing  vs. Hijacking
 Steps in Session Hijacking
 Types of Session Hijacking
    o Active
    o Passive
 The 3-Way Handshake
 TCP Concepts 3-Way Handshake
 Sequence Number Prediction
 TCP/IP Hijacking
 RST Hijacking
 RST Hijacking Tool: hijack_rst.sh
 Programs that Perform Session Hijacking
 Hacking Tools
    o Juggernaut
    o Hunt
    o TTY Watcher
    o IP Watcher
    o T-Sight
    o Paros HTTP Session
 Remote TCP Session Reset Utility
 Dangers Posed by Hijacking
 Protecting against Session Hijacking
 Countermeasure: IP Security
 IP-SEC

Source:
http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm

Don


Powered by SMF 1.1.7 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com