Premium Essay

Hijacking

In:

Submitted By royale13211
Words 410
Pages 2
Describe different types of session hijacking. Also research session hijacking on internet and see if you can find a case where session hijacking was successfully used to perform an attack against a system. Include references in your answer.

Network-Level Hijacking – is the interception of packets during the transmission between client and server in a TCP/UDP session. Attacks on network level sessions provide the attacker with critical information to attack application level session.

TCP/IP Hijacking – spoofs packets to take over a connection between a victim and a target machine. The hacker is able to communicate with the host’s machine as if the attacker is the victim when the connection hangs. One-time passwords can be easily attacked through this technique.

IP Spoofing – Allows attackers to create their won acceptable packets tio insert in the TCP session. Attacker spoofs the trusted host’s IP. Then, the hijacker alters the sequence number and acknowledgment number the ser server expects. Forged packets are injected in to the TCP session before the client can respond.

Example:
This is not really a system, but session hijacking Facebook accounts are very popular. I found hundreds videos showing how to hijack an account. Basically, all you need is a computer with an internet browser, Wireshark (Network Protocol Analyzer), cookie injector, and have a wi-fi connection. Once you’re able to find their facebook session, and then use the cookie injector. Bang, you’re in victims account. Steps are in the tutorial below. You can prevent this by using secure connections when browsing the internet. Avoid Wi-Fi connection.

Kissoon, J. Session Hijacking Facebook Accounts. Retrieved 6 June 6, 2014 from http://cleverlogic.net/tutorials/session-hijacking-facebook-accounts

There are three types security risks associated with web server security. Discuss each

Similar Documents

Free Essay

After the First Death

...is innocent, but not in a good way. Kate believes she is not brave. Kate says to herself, “ I’m not heroic, I’m not brave.” Kate has to summon all of her bravery to try and drive the bus away. Kate is very caring and is always putting the children first. She offers her own life for a child that she does not even know. She comforts the children when they wake up from a nightmare and she soothes them back to sleep. Kate is always putting others before herself and thinks of her safety second. I think that Kate is very brave even in the toughest of situations. Kate tries to win Miro over to make it harder for Miro to kill her. She tells Miro that she think Artkin is his father and this makes him kill Kate. Artkin is the leader of the bus hijacking operation. He...

Words: 327 - Pages: 2

Premium Essay

Session Hijacking

...Preventing Session Hijacking in Cloud Computing Sasha Melanie Personal Research Paper 20th October 2015 Abstract The idea of Cloud processing is turning out to be a well-known concept every passing day particularly in the field of computing and information technology. It refers to both applications that are conveyed as administrations over the Internet and also as resources (software and hardware) in the data centres. With this kind of advancement, the cloud computing technology raises many security concerns. There are several vulnerabilities that come along with cloud computing that may be exploited by attackers through security threats such as session hijacking. This paper gives an overview of the cloud as well as session hijacking highlighting the key vulnerability areas that every organization need to put into consideration before any implementation of cloud computing. The paper gives the basis for further research that would help curb the challenge of session hijacking in cloud computing. TABLE OF CONTENTS Abstract 2 CHAPTER ONE 5 1.0 INTRODUCTION 5 1.1 Motivation for the study 6 1.2 Premises of the study 7 1.3 Problem Statement 7 1.4 Technical objectives of the study 7 CHAPTER TWO 9 2.0 RELATED WORK 9 2.1 Issues with Cloud Computing 9 2.2 ANALYSIS OF SESSION HIJACKING 9 2.2.1 Cookies: 10 2.2.2 TCP session capturing 10 2.3 PREVENTING SESSION HIJACKING 11 2.3.2 Information encryption programming 11 2.3.3 Virus Detection Applications 12 2.3.4 Digitized...

Words: 4485 - Pages: 18

Premium Essay

Session Hijacking

...Preventing Session Hijacking in Cloud Computing Sasha Melanie Personal Research Paper 20th October 2015 Abstract The idea of Cloud processing is turning out to be a well-known concept every passing day particularly in the field of computing and information technology. It refers to both applications that are conveyed as administrations over the Internet and also as resources (software and hardware) in the data centres. With this kind of advancement, the cloud computing technology raises many security concerns. There are several vulnerabilities that come along with cloud computing that may be exploited by attackers through security threats such as session hijacking. This paper gives an overview of the cloud as well as session hijacking highlighting the key vulnerability areas that every organization need to put into consideration before any implementation of cloud computing. The paper gives the basis for further research that would help curb the challenge of session hijacking in cloud computing. TABLE OF CONTENTS Abstract 2 CHAPTER ONE 5 1.0 INTRODUCTION 5 1.1 Motivation for the study 6 1.2 Premises of the study 7 1.3 Problem Statement 7 1.4 Technical objectives of the study 7 CHAPTER TWO 9 2.0 RELATED WORK 9 2.1 Issues with Cloud Computing 9 2.2 ANALYSIS OF SESSION HIJACKING 9 2.2.1 Cookies: 10 2.2.2 TCP session capturing 10 2.3 PREVENTING SESSION HIJACKING 11 2.3.2 Information encryption programming 11 2.3.3 Virus Detection Applications 12 2.3.4 Digitized...

Words: 4485 - Pages: 18

Free Essay

After the First Death

...middle-eastern accent but his birth country is only always named as their “homeland”. He has dark eyes and is probably fifteen, sixteen or either seventeen because he doesn’t know his real age only the one on the birth certificate given to him. His last name isn’t said and Miro might also not be his real name. Miro is a tough teenager and likes action that means he enjoys it when something is happening and situations are changing. He was recruited by Artkin together with his brother Aniel when Artkin found them when they were young; they both were trained for terroristic actions. He is completely loyal to Artkin and he is a kind of model for Miro so he follows everything he says and beliefs in everything Artkin tells him. His assignment in the hijacking was to kill the driver right away after they reached the bridge but he did not kill the driver because it was a girl and he has a kind of flaw for American girls also they could benefit from her as she is a girl and can care for the children they held hostage. Miro says that American boys would consider Kate, the driver, as attractive and alike them he does. He feels himself attracted from her and that is maybe also the reason he does not kill her for a long time. It’s not sure but in the end Kate, says that Artkin was Miros father and because of that he killsher. Kate: Kate Forrester is a bus driver temp for her Uncle and is a blonde American girl she is aged around 17-18 and a high school student. She is also one of the hostages...

Words: 564 - Pages: 3

Premium Essay

Cyber Terrorism

...attacks may entail an individual dressed as a civilian blowing himself up in a packed place or people dressed like civilians hijacking commercial airplanes and flying them to civilian targets like the World Trade Centre. Physical terrorism differs from cyber terrorism in the sense that the later primarily entails carrying out attacks against information found in computers while the former involves an attack against civilians. Those individuals, who dress up as civilians and blow up themselves in a crowded area like a bus constitutes physical terrorism since the attacks aims at destroying human life. Most likely, cyber terrorists use computers or other similar devices to carry out attacks on information found on computers. Cyber terrorism will have more impact than physical terrorism. The main aim of physical terrorism is to cause loss of life whereas cyber terrorism may entail hacking into a country’s critical infrastructure with the sole purpose of causing great harm such as significant damage on the economy or loss of life. Such attacks aim at causing harm on information technology systems that are a critical part of traffic control, medical and emergency services, public safety, as well as public works. For instance, imagine the chaos that would take place if a cyber terrorist attacked the stock market and make it appear to collapse by hijacking the computers of a main brokerage and replacing it with...

Words: 598 - Pages: 3

Premium Essay

Stricter Airport Security After 9/11, 2001

...imperative to the world, we all wanted to stop this from ever happening again. As airports became stricter people started to question whether these new screening processes were protecting us or infringing on our privacy. According to Opposing View Points in Context, Security has not always been a priority for commercial aviation even though attacks on airplanes date as far back as 1933 that year a United Air lines plane exploded over Charleston, Indiana killing all seven passengers on board. No arrests have ever been made even after investigators came to the conclusion that the blast was caused by a nitroglycerin bomb. This is accepted as the first act of air terrorism in history. In the 60’s there were a number of high profile airline hijackings so on September 11th, 1970, Richard Nixon outlined a plan that required all airlines in the United States to screen all passengers and their baggage prior to boarding. X-Ray scanners and metal detectors didn’t come into play till 1972 when the Federal Aviation Administration (FAA) required airlines to scan all passengers with metal detectors in an attempt to stop hijackers from carrying concealed guns and other weapons onto flights. All baggage was also to be screened using x-ray scanners. According to Opposing View Points In Context, After 9/11 the government decided to take a more active role in transportation security so the Transportation Security Agency (TSA) was formed who fall under Homeland Security. Their sol job is to protect...

Words: 984 - Pages: 4

Premium Essay

Going Through a Checkpoint

...Stephanie Thompson Eng101 Spring 2014 Essay 3 Describing a process Going through a federal security checkpoint is no fun at all. Terrorist and criminals have taken what little fun there was out of it. Unfortunately, the entire traveling public has to suffer. There use to be a time when families were able to walk one another right up to an aircraft. The good old days right? It took only a couple of people to ruin it for everyone.... Now a days people are susceptible to pat downs, accessible property searches, and vehicle searches based solely on the fact that they are traveling by means of public transportation. The world we live in is forever changing and it doesn't seem to be changing for the good. When going through a federal security checkpoint have you ever been confused about the process? In this essay I will give history on how the federal security checkpoint came about. Following, I will detail my expertise on the topic. Lastly, I will guide you through the process of getting through a federal security checkpoint successfully. The Transportation Security Administration was created as a response to the September 11, 2001, attacks. On September 11, 2001, 19 militants associated with the Islamic extremist group al-Qaeda hijacked four airliners and carried out suicide attacks against targets within the United States. Two of the planes were flown into the towers of the World Trade Center in New York City, a third plane...

Words: 1200 - Pages: 5

Premium Essay

The Transportation Security Administration (TSA)

...On September 5, 1961, John F. Kennedy signs a bill that makes air piracy punishable by death or imprisonment(2). On January 6, 1960, a mid air explosion killed 34 people on a National Airlines plane, which started the demand for the use of baggage inspection devices(1). In October 1970, the Sky Marshal program was created to try and cut down hijacking attempts(2). This allowed for Airport Security officers to dress as a typical passenger to try and stop any hijacking attempts. On June 22, 1985, Ronald Reagan wanted research done for the Federal Aviation Administration (FAA) armed Federal Air Marshal program aboard all U.s. carriers that are international(2). After the attacks on September 11, 2001, the government created the TSA which would oversee all of airport security and made changes to make security better than before. Also many airports began having thorough security checks done on people and if a person was suspicious they would pat them down and would have dogs sniffing suspicious luggage. On December 22, 2001, TSA implemented a law stating that all shoes had to be taken off during screening after a man had carried matches on aboard...

Words: 1014 - Pages: 5

Free Essay

Body Scanners

...since 9/11 all airports have upped their security in order to prevent terrorist attacks from happening again, and some have proposed to use full-body scanners which will give a more thorough search of which some commend, and some criticize. The people who are for it say that it will give airports a more thorough search of passengers. Critics claim that this is an attack on privacy. Privacy is a natural right to all Americans, but safety is an asset for all living beings. Scanners should be allowed in airports due to their efficiency and protection they offer, and the statements that claim they are a threat to privacy are over-exaggerated. These new security machines will now offer a higher-class of protection, stopping terrorist plane hijacking. CNN's Jessica Ravitz reports that this new technology ''will detect both metallic and nonmetallic'' threat items to keep passengers safe (Ravitz). The most apprehensive situation that could be on a plane isn’t snakes or monsters, its hijackers with weapons and since the introduction of metal detectors terrorists have found ways to get around unnoticed. This will hopefully put a stop to it all. Moreover, the machines can ''reveal objects that metal detectors can miss, such as plastic firearms, ceramic knives, and, yes, possibly explosives hidden in a person’s underwear'', says the USA Today (USA Today). Full-body scanners are superior because unlike a standard detectors, these locate more well-hidden threats. This will make passengers more...

Words: 710 - Pages: 3

Free Essay

Effectiveness of the Aircraft Movement Areas Security Screening Procedures of the Airport Police Department at the Ninoy Aquino International Airport

...Chapter 1 THE PROBLEM AND ITS Background Introduction The September 11, 2001 terrorist attack of the World Trade Center in New York City, USA directly caused the death of more than three thousand innocent civilians when two hijacked jetliners deliberately slammed against the twin towers that used to be a testament to the United States’ economic clout. On the same day, two other hijacked airliners were flown to other targets, one of which was the Pentagon, the seat of America’s military might, while the fourth aircraft crashed in a Pennsylvania field, believed to have been due to its passengers fighting back to regain control. While these incidents are certainly not the latest terrorist attacks against civil aviation, these attacks are significant in the sense that its aftermath truly changed the course of history of many nations and radically changed the lifestyles of many peoples. The earliest recorded terrorist act was on September 9, 1949, when a bomb was placed and exploded in a Quebec Airways flight in Canada. Since that first recorded aviation security breach, security experts had been trying to be one step ahead of the terror groups in hardening aircraft and airport targets against all forms of terrorist attacks. However, on July 22, 1968, three gunmen from the Popular Front for the Liberation of Palestine (PFLP), hijacked a passenger airliner of the Israeli airline El Al, on a flight from Rome to Tel-Aviv, and demanded the release of their comrades-in-arms who were...

Words: 17180 - Pages: 69

Free Essay

Airport Security

...Airport Security 1. The text, Spread Your Legs and Smile, is about a frequent flier who has been working for the United Nations for the past 20 years. This flier has experienced the dramatic changes of security checks. Since 9/11 the airport security has become so strict with the routine of taking off ones shoes, putting them though the screening device and then lacing them up again. Not to mention the added insult of frisking and the bleeping wand that is shoved into one’s private places. If you do not do this with a smile on your face or if you complain, expect the worst. Today, the increase of airport security has resulted in a larger number of secondary screenings as well as a screening of a more diverse selection of travellers in order to apprehend terrorist. In one instance, a mother, who was feeding her baby breast milk in a bottle, had to drink it to prove it was not a lethal toxin. Even a handicapped boy who needed to fly with an oxygen tank had to justify to security that it was not a deadly poison gas he was breathing. 2. In the text, Spread Your Legs and Smile, the attitude toward U.S airport security is very negative. Many believe airport security has become too extreme. The author of this article, Shashi Tharoor, feels that security has gone from pleasant experience to an embarrassing nightmare involving the exposure of intimate items. Tharoor raises the question: could the proliferated pilferage among the frequent-flier circuit be linked to the regulation...

Words: 809 - Pages: 4

Free Essay

Essay Pengguna

...the ransom remains unrecovered. Numerous theories of widely varying plausibility have been proposed by experts, reporters, and amateur enthusiasts.[2][5] While FBI investigators have insisted from the beginning that Cooper probably did not survive his risky jump,[6] the agency maintains an active case file—which has grown to more than 60 volumes[7]—and continues to solicit creative ideas and new leads from the public. "Maybe a hydrologist can use the latest technology to trace the $5,800 in ransom money found in 1980 to where Cooper landed upstream," suggested Special Agent Larry Carr, leader of the investigation team since 2006. "Or maybe someone just remembers that odd uncle."[6] ------------------------------------------------- Hijacking The event began mid-afternoon on Thanksgiving eve, November 24, 1971, at Portland International Airport in Portland, Oregon. A man carrying a black attaché case approached the flight counter...

Words: 3497 - Pages: 14

Premium Essay

The Transportation Security Administration (TSA)

...Government took an active role in Airport Security. So therefore the Congress decided to pass the Transportation Security Act(TSA) in November of 2001, in doing so this created something new called the Transportation Security Administration (TSA).The Transportation Security Administration(TSA) is responsible for protecting U.S. transportation from any further hijackings and other potential attacks. The TSA was originally a part of the Department of Transportation, but later in 2003 it was placed under a new department called the Department of Homeland Security. On Christmas Day 2009, a twenty-three-year-old man by the name Umar Farouk Abdulmutallab tried detonating an armed explosive on a plane that was going from Amsterdam to Detroit, Michigan. Before boarding the plane, Abdulmutallab put some explosives in his pants, which somehow they gone undetected by the scanners. He boarded the plane and once the plane took flight, he tried to detonate the bomb but fortunately though he didn't wire the bomb correctly and the bomb didn't explode. After this bombing attack the Transportation Security Administration(TSA)...

Words: 773 - Pages: 4

Premium Essay

Enlis Bib

...Semaj griffin 4/14/2015 Ivy tech community college Jeffrey Mitchell Literature review Safety After the events of September 11, 2001, questions were raised regarding the reliability and security of American commercial air travel and the safety of U.S. airports from which commercial planes depart and land. More than any other component of the U.S. transportation system, air security has garnered the most attention because historically, in large measure, the adoption of counterterrorism policies and programs are in direct response to specific events (Waugh, 2004) in his article says that. Airplanes were used to carry out the events of September 11th, therefore the aviation sector has received a large amount of counterterrorism attention. Since 9/11 and the creation of the Department of Homeland Security and the Transportation Security Administration, several measures have been implemented to enhance aviation security. Deployment of federal passenger screeners at the nation’s airports - Institution of 100% checked baggage screening; utilization of explosive detection systems or explosive trace detection equipment to screen checked baggage - Background checks on all airport personnel - Suspension of the Transit without Visa program (and the International-to-International transit program (ITI), eliminating terrorists’ ability to exploit such programs to gain access to U.S.-bound aircraft or the United States - Expansion of the Federal Air Marshal program so that thousands...

Words: 2919 - Pages: 12

Premium Essay

Lierature Review

...Semaj griffin 4/14/2015 Ivy tech community college Jeffrey Mitchell Literature review Safety After the events of September 11, 2001, questions were raised regarding the reliability and security of American commercial air travel and the safety of U.S. airports from which commercial planes depart and land. More than any other component of the U.S. transportation system, air security has garnered the most attention because historically, in large measure, the adoption of counterterrorism policies and programs are in direct response to specific events (Waugh, 2004) in his article says that. Airplanes were used to carry out the events of September 11th, therefore the aviation sector has received a large amount of counterterrorism attention. Since 9/11 and the creation of the Department of Homeland Security and the Transportation Security Administration, several measures have been implemented to enhance aviation security. Deployment of federal passenger screeners at the nation’s airports - Institution of 100% checked baggage screening; utilization of explosive detection systems or explosive trace detection equipment to screen checked baggage - Background checks on all airport personnel - Suspension of the Transit without Visa program (and the International-to-International transit program (ITI), eliminating terrorists’ ability to exploit such programs to gain access to U.S.-bound aircraft or the United States - Expansion of the Federal Air Marshal program so that thousands...

Words: 2919 - Pages: 12