Session Hijacking Attack

Description

Also known as man in the middle attacks, session hijacking deceives a server or a client into accepting the upstream host as the actual legitimate host. Instead the upstream host is an attacker's host that is manipulating the network so the attacker's host appears to be the desired destination.

Vulnerabilities

• Poor or predictable session identifiers
• Long session timeouts
• Insecure communication channel (lacking confidentiality protection)

Countermeasures

• Use strong random numbers for session identifiers (e.g., GUIDs)
• User smaller session timeout windows
• Utilize SSL or IPSec w/ Encryption to establish a secure communication channel