
Presented By:

Kirti Raj Bhatele


Assistant Professor,
RJIT, BSF Academy, Tekanpur, Gwalior

UNIT 2
Content

 Web jacking
 Online Frauds
 Software Piracy
 Computer Network Intrusions
 Password Sniffing
 Identity Theft
Web jacking
 This term is derived from the term hijacking. In these kinds
of offences the hacker gains access to and control over the
website of another.
 He may even change the information on the site. This may be
done for fulfilling political objectives or for money. E.g.
recently the site of MIT (Ministry of Information Technology)
was hacked by the Pakistani hackers and some obscene matter
was placed therein.
 Further the site of Bombay crime branch was also web jacked.
Another case of web jacking is that of the ‘gold fish’ case. In
this case the site was hacked and the information pertaining to
gold fish was changed.
Web jacking

 There are many ways in which a hacker may get to know a
password, the most common being password cracking, wherein
cracking software is used to guess a password.
 Password cracking attacks are most commonly of two types:
 The dictionary attack, where the software attempts all the
words contained in a predefined dictionary of words.
 The other form is ‘Brute Force’. In this attack the
software tries to guess the password by trying all possible
combinations of numbers, symbols and letters until the correct
password is found.
Example
 In an incident reported in the USA, the owner of a hobby
website for children received an e-mail informing her that a
group of hackers had gained control over her website.

 They demanded a ransom of 1 million dollars from her. The
owner, a schoolteacher, did not take the threat seriously. She
felt that it was just a scare tactic and ignored the e-mail.
 The hackers web jacked her website and subsequently altered a
portion of the website which was entitled ‘How to have fun
with goldfish’.
Example
 In all the places where it had been mentioned, they had
replaced the word ‘goldfish’ with the word ‘piranhas’. Piranhas
are tiny but extremely dangerous flesh-eating fish.

 Many children had visited the popular website and had
believed what the contents of the website suggested. These
unfortunate children followed the instructions, tried to play
with piranhas, which they bought from pet shops, and were
very seriously injured!
 “Internet or online fraud is a form of fraud
which uses any component of the Internet to
accomplish the intended fraudulent activity.” -
National White Collar Crime Center, USA
Online fraud or internet fraud
 “The term ‘Internet or online fraud’ refers generally to any
type of fraud scheme that uses one or more components of
the Internet - such as chat rooms, e-mail, message boards,
or Web sites - to present fraudulent solicitations to
prospective victims, to conduct fraudulent transactions, or
to transmit the proceeds of fraud to financial institutions
or to other connected with the scheme.” Source: US
Department of Justice
Online fraud or internet fraud
 “Internet auction fraud was by far the most reported
offense, comprising 44.9% of referred complaints. Non-
delivered merchandise and/or payment accounted for
19.0% of complaints. Check fraud made up 4.9% of
complaints.
 Credit/debit card fraud, computer fraud, confidence fraud,
and financial institutions fraud round out the top seven
categories of complaints referred to law enforcement
during the year.”
 Source: Internet Crime Complaints Center
Tools Used for Online Fraud
 Email
 Chat rooms
 Websites
 Portals
 Web Application
Types of Online or Internet Fraud
 Credit/Debit Card Fraud
 Business Deceit
 Recruitment Deceit
 Freight Forwarding Scam
 Advance Fee Fraud
 Non-Delivery of Goods/Service Fraud
Credit/Debit Card Fraud
 This involves the use of credit/debit card to obtain money
or acquire properties without appropriate authorization.

 Fraudsters obtain credit/debit card numbers of victims
from unsecured web media.
Business Deceit
 In this case, fraudsters masquerade themselves as genuine
business people and attempt to collect personal
information such as social security number and date of
birth from respondents, in order to use the data for
purchasing goods which would most likely be transferred
or shipped out of the country.
Recruitment Deceit
 Generic public or private portals can be used for
advertising spurious job openings with the intention to
collect vital information from applicants and then misuse
that information, for example for purchasing goods.
Freight Forwarding Scam
 This is an internet fraud that entails the movement of
merchandise from one party to another until it gets to the
major perpetrator, who must have enlisted the other
participants without informing them that the goods were
bought with fake credit cards.
Advance Fee Fraud
 It refers to the type of fraud in which a substantial amount
is demanded as payment of processing fees that
stand as a requirement for the release of non-existent
merchandise or a large amount of money.
Non-Delivery of Goods/Service Fraud
 This refers to a scam in which people are encouraged to pay
for goods and/or services via a web portal, and thereafter
nothing is delivered to the buyers.
Software Piracy
What is an Intellectual Property ?
 Intellectual Property is a property that arises from the
human intellect. It is a product of human creation.

 Intellectual Property is the creation of the human
intellectual process and is therefore the product of the
human intellect or mind.
Characteristics of an Intellectual Property

 It is an intangible form of property.

 It is a personal property.

 It is a basic form of property.

 It is based on information.
Why IP protection is given

 Capital expenditure for new products
 R and D
 Marketing and advertisement
 No free loaders
 Maintaining loyal followers
 Profit
Common Protected Intellectual Property

 Invention by a patent or as trade secret.
 Utility models by a certificate or secret.
 Industrial Design by a certificate.
 Trade and Service Mark by a certificate.
 Copyright by reducing to a fixed form.
The Laws For Intellectual Property
Protection (IPR laws)
 Copyright Act 1987
 Trademarks Act 1976
 Patent Act 1983
 Industrial Design Act 1996
 Geographical Indications Act 2000
Protection Under Copyright Act
 Protection given by law for a term of years to the
composer, author etc. to make copies of their work.
 Works include literary, artistic, musical, films, sound
recordings, broadcasts.
 Commercial and moral rights.
 No registration provision.
Software Piracy
 Unauthorized use of licensed software is known as
software piracy.
 Copying and using commercial software purchased by
someone else.
 When one purchases software, one is actually purchasing a license
to use it, not the actual software.
 Cloning CDs, downloading or distributing pirated
software from the Internet or buying a single software
program and then installing it.
 copyright infringement => software piracy
HISTORY OF SOFTWARE PIRACY

 The history of software piracy dates back almost to the
invention of the consumer computer itself, MITS’ Altair
8800 by Ed Roberts in 1975.
 Bill Gates and Paul Allen persuaded Roberts to license
BASIC, a programming language from them.
 They used to invite people to see the low priced computer
running various programs.
 Someone then borrowed one of the paper tapes lying
around.
FIRST SOFTWARE PIRACY
Homebrew member Dan Sokol, after somehow obtaining a
pre-market tape of the interpreter, made 25 copies and
distributed them at the next Homebrew meeting, urging
recipients to make more copies.
Gates responded in 1976 with a strongly worded Open Letter to
Hobbyists that accused the copiers of theft and declared that he
could not continue developing computer software that people
did not pay for.
TYPES OF SOFTWARE PIRACY
 Soft Lifting
 Hard Disk Loading
 Renting
 OEM Unbundling
 Counterfeiting
 Online Piracy
Soft Lifting
 Means sharing a program with someone who is not
authorized by the license agreement to use it.
 Also known as soft loading.
 A common form of soft lifting involves purchasing a
single licensed copy of software and then loading the
software onto several computers.
 On college campuses, it is rare to find a software program
that has not been softloaded. People regularly lend
programs to their roommates and friends, either not
realizing it’s wrong, or not thinking that it’s a big deal.
Softlifting is common in both businesses and homes.
Hard Disk Loading
 Often committed by hardware dealers.
 This form of piracy involves loading an unauthorized
copy of software onto a computer being sold to the end
user.
 This makes the deal more attractive to the buyer, at
virtually no cost to the dealer. The dealer usually does not
provide the buyer with manuals or the original CDs of the
software. This is how operating systems, like Windows
95, are often pirated.
Renting
 Renting involves someone renting out a copy of software
for temporary use, without the permission of the copyright
holder.
 The practice, similar to that of renting a video from
Blockbuster, violates the license agreement of software.
OEM Unbundling

 OEM stands for Original Equipment Manufacturer.
 Means selling stand-alone software originally meant to be
included with a specific accompanying product.
 An example of this form of piracy is someone providing
drivers to a specific printer without authorization.
Counterfeiting
 Means producing fake copies of software, making it look
authentic.
 This involves providing the box, CDs, and manuals, all
designed to look as much like the original product as
possible.
Online Piracy
 The fastest-growing form of piracy is Internet piracy.
 There are hundreds of thousands of "warez" sites
providing unlimited downloads to any user.
WHY SOFTWARE PIRACY?
 Expensive
 Availability
 Not convenient to buy for each computer
 Ask to buy new version although having original one
 The CD/backup damaged…
 Buy another!! Ridiculous!!
EFFECTS ON USERS
 Lower productivity: pirated software often includes
incomplete or damaged programs.
 Malware Infection: Pirated software can also include
computer viruses (malware) which can destroy data on a
user’s hard drive.
 Subject to raid: Companies can also be subject to raids by
the SIIA (Software & Information Industry Association).
An informant can initiate the process.
 Usually no manuals.
 No access to support in many cases.
 No access to bug fixes and maintenance releases.
EFFECTS ON DEVELOPERS

 Software pirates can destroy the revenue stream of small
companies.
 These small companies often become economically
unstable.
 No initiative for new software development program.
What is Sniffing
 Sniffing is a technique for gaining access through a
network-based attack.
 A sniffer is a program that gathers traffic from the local
network, and it is useful for attackers looking to swipe
data as well as network administrators trying to
troubleshoot problems.
 Using a sniffer, an attacker can read data passing by a given
machine in real time or store the data.
What is Password sniffing ?
 Password sniffers are programs that monitor and record
the names and passwords of network users as they log in.
 Whoever installs the sniffer can then impersonate an
authorized user and log in to access restricted
documents.
 Password Sniffing is a Reconnaissance attack.
 Reconnaissance refers to the overall act of learning
information about a target network by using readily
available information and applications.
Definition-What does Password Sniffer mean?

 A password sniffer is a software application that scans and
records passwords that are used or broadcast on a
computer or network interface.
 It listens to all incoming and outgoing network traffic and
records any instance of a data packet that contains a password.
 A password sniffer installs on a host machine and scans all
incoming and outgoing network traffic.
 A password sniffer may be applied to most network protocols,
including HTTP, IMAP (Internet Message Access
Protocol), FTP (File Transfer Protocol), POP3, Telnet (TN) and
related protocols that carry passwords in the same format.
Password Sniffer (Continued...)
 A password sniffer that is installed on a gateway or proxy
server can listen to and retrieve all passwords that flow
within a network.
 A password sniffer is primarily used as a network security
tool for sorting and restoring passwords.
 However, hackers and crackers can use such utilities to sniff
out passwords for illegal and malicious purposes.
 The Sniffer can be hardware or software.
Tools used
 Password Sniffer Spy
 Run it on Gateway System where all of your network's
traffic pass through.
 In MITM Attack, run it on middle system to capture the
Passwords from target system.
 On Multi-user System, run it under Administrator account
to silently capture passwords for all the users
Case Study

(1) If you are a fan of sitting in public cafes that offer free Wi-Fi and
playing on your computer, make sure you are using some sort of
encryption and security when sending passwords.
 A person who has a password sniffing program on their
computer can easily sit in a public space collecting passwords
from the network. These programs are simple to
use.
(2) In a mall, people shop using their smartcards, credit
cards, debit cards etc. At the time of payment the customer has to
swipe the card through a machine. On that machine the attacker can
use a program to record the user's password or other sensitive
information. After gaining this information the attacker can
misuse the card and the amount.
Case Study

 So be safe when swiping the card on a public scanner
machine.
(3) A phishing website reproduces the look of the original, so a normal
user cannot identify which one is the fake website. On this
type of website a sniffer program is installed and set up by the
attacker. A normal user then enters their
sensitive information on that website, and when the user
responds the program can scan and record the username and
password.
To prevent Password Sniffing Attack
 Do not do anything on a public Wi-Fi network.
 Do not expose yourself and your private information to open
networks.
Identity Theft
Identity Theft
“Ultimately, you cannot prevent identity theft from
happening to you, …You can only reduce your chances.” —
Beth Givens (Director & Founder, Privacy Rights
Clearinghouse)
What is Identity Theft?
 Is a serious crime occurring when your personal
information is stolen and used without your knowledge to
commit fraud or other crimes.
 Most often occurs when an individual steals another
person’s identity in order to exploit that person’s financial
status for personal gain.
 May involve the thief pretending to be someone else in
order to access the victim’s financial resources or obtain
credit or other benefits in that person’s name.
What is Identity Theft?
 May result in severe damage to the victim’s credit scores
and financial standing, resulting in the expenditure of
significant time, energy and money to repair the damaged
financial reputation.
 May result in the victim being held accountable for the
perpetrator’s illegal actions.
 Identity theft happens when someone uses your personally
identifying information, like your name, Aadhaar number or
credit card number, without your permission to commit
fraud or other crimes.
Forms of identity theft
What Can Thieves Do With Your Identity
 Credit Card Fraud: Open a CC in your name and change the
billing address for your cards.
 Phone and Utilities: Open new accounts in your name or “run
up” charges on your existing accounts.
 Bank/Financial: Create “fake” checks in your name or account
number, write bad checks in your name, make a “fake” ATM
card to impersonate yours, and take a loan out in your name.
Conti…….
PROTECTING YOURSELF — DEFEND
DEFEND- If you identify potential identity theft, take steps
to stop further damage:
 Close accounts you know or suspect have been opened
fraudulently or tampered with.
 Place a “Fraud Alert” on your credit reports and review
the reports carefully. A fraud alert tells creditors to follow
certain procedures before opening new accounts or
making changes to existing accounts in your name.
 File a complaint with your local police or with authorities
where the identity theft took place. This will help you
correct your credit report and deal with creditors who may
want proof of the crime.
Additional things to look into to avoid
Identity theft
 Social networking sites
 Mobile devices
 Online dangers and internet transactions
Social networking sites

Victims of identity theft often naively provide their personal
information (and whereabouts) to potential thieves via
postings on social networks such as Facebook or MySpace.
Protect yourself on these sites by:
 Ensuring that your privacy and security settings will allow
personal access only to trusted friends and family.
 Making sure you are not sharing sensitive private files
with other users (if you use “peer-to-peer” file sharing).
 Avoiding the disclosure of your birth date, or at least your
birth year, on any public postings. protecting your
information and identity.
Preventing Dumpster Diving
 Invest in a small paper shredder. They can be purchased at
any local retail store.
 Ensure that everything that has your name and address or
any other personal information is shredded.
 Make sure to not leave any mail with confidential
information unattended in your mailbox for long periods
of time.
 Use online “e-statements” for all your accounts.
How To Prevent Phishing
 Do not open any emails or attachments from anyone you
do not know.
 Ensure that all banking websites you use have the “lock
symbol” located at the bottom of the web browser
(Firefox, Internet Explorer).
 Do not open links in emails. Type the address of the
website you're trying to access rather than using the link.
 Opt-Out of email newsletters or “junk mail lists”.
Perception of Hacker
Hackers History
 The original generation of Hackers has been said to be such personalities as
John von Neumann, Alan Turing and Grace Hopper.
 The first use of the term "Hacker" is attributed to members of the "Tech
Model Railroad Club" from MIT in the late 1950s. This was originally a term
of praise for the very best programmers and designers.
 Media coverage in the 1980s redefined the term to be synonymous with
"Computer Criminal".
 The visibility and rise of Hackers is the result of four major developments:
1. The proliferation of computers
2. The dramatic rise and geographical expansion of networks.
3. The dramatic rise in computer literacy.
4. The dependence of organizations upon information.
PERSONAL BELIEFS

Computers are tools for the masses: Computers should
not be private devices for the rich.
Coding is community property : The status of all
software should be shareware, freeware or public domain.
Coding is an art: A good program has a certain elegance
and beauty. In beauty there is creativity which is
demonstrated by a program that can penetrate others.
The computer lives: Most hackers have a social and
personal relationship with their computer.
Some of the major Hackers attributes
Mostly White. There seems to be a correlation between race
and affluence.
 Young. Most are under 30 and concentrated around colleges
and universities.
Bright. A good hack results from meeting a challenge which
will require in many cases exceptionally high intelligence.
Understanding, Prediction and Control. These three
conditions seem to bring a sense of competence, mastery and
self-esteem.
Computer fascination. For many of us the computer is simply
a tool. For the hacker it is an unendingly fascinating toy - a
mystery wrapped in an enigma to be explored and understood.
Social Views on Hackers

 Misguided youths. Hackers are misguided youths and are
essentially harmless. Their intelligence and creativity should be
encouraged but directed toward more constructive channels.
 Security specialists. Hackers know the corporate security
weaknesses. They should be hired as security specialists and their
expertise utilized to protect the corporation's vital information
resources.
 Scumbags. Hackers are the scum of the earth and should be
treated as varmints and hunted down with dogs and put away for
life.
 Ordinary criminals. Hackers should be treated no different
than any other criminals.
HACKER DEFINITIONS

A Hacker is someone who has achieved some level of expertise
with computers.
A Cracker is someone who breaks into systems without
permission.
A Script Kiddie is someone who uses scripts or programs from
someone else to do his/her cracking.
Other terms are leech, warez puppy and rodent.
A Phreaker is a hacker who specializes in telephone systems.
A White Hat is someone who professes to be strictly a good
guy.
A Black Hat is someone who is viewed as a bad guy.
A Grey Hat is someone who falls in between White and Black.
TYPICAL HACKER ATTACKS

 Insider Attack.
 Social Engineering.
 Virus Infiltration.
 Denial of Service.
 Software Bug.
 Password Infiltration.
 IP Spoofing.
 Trojan Horse.
 Brute Force.
 Worms and viruses.
HACKER CATEGORIES
 Semi-Professional Hacking: Performed part-time and does not provide an
income.
 They fit the classical hacker characteristics, i.e. they work and play on
the edge of society, have a gang mentality, show strong negative responses to
threats against their self-esteem, and can have narcissistic personality
disorders.
 Inner-City Hacking: Inner-city residents (any race, color, religion, creed,
etc.) who exhibit anger at social conditions and exhibit no social conscience;
jail is not a deterrent.
 Hacking gives them a sense of power and allows them to make their
own rules.
 Professional Hacking: This encompasses any for-profit activity such as
spies, industrial espionage, white-collar criminals, etc.
WHAT MAKES A TARGET?

 Lax Security (Hard on the outside, soft on the
inside!).
 Target of Extremist Group, e.g., Tamil Tigers.
 Target of a Radical Group, e.g., Animal rights.
 High visibility makes a good "Scorekeeper" site.
 High visibility makes a good "Embarrassment"
site.
 Resources that are useful to the hacker.
 Destruction of ability to provide service to
customer.
HACKER ATTACK CATEGORIES
 Personal Attacks. Attacks against an individual's electronic privacy. This could take
the form of exposure of criminal records, changing correct to incorrect entries on your
digital self, changing your DMV record, changing your telephone record, sending explicit sex
material across the Internet in your name, etc.

[Instructor's note: One reporter critical of hackers was reputed to have been
sentenced to "electronic death". Hackers had his telephone, gas, and electricity
turned off, flooded him with unordered mail-order merchandise and posted his credit
report on a public BBS.]

 Corporate Attacks. This attack primarily includes:
 industrial espionage on the part of competitive corporations (whether foreign or
domestic);
 economic espionage such as insider trading information, plans of the Federal
Reserve System, and possible mergers; and
 white collar crime such as electronic funds transfer, bank fraud, toll fraud, etc.
HACKER ATTACK CATEGORIES
 Information Warfare: This attack is against a country, its
politics and its sphere of influence.
 Offensive Information Warfare against such infrastructures as
Wall Street, the Federal Reserve System, the Internal Revenue
Service, Air Traffic Control Systems, Manufacturing Systems,
Communication Systems, etc.
HACKER EXAMPLES
The Cuckoo's Egg discussed four hackers, Dirk Brzesinski,
Peter Carl, Markus Hess and Karl Koch, from Hannover,
Germany, who penetrated or attempted to penetrate at least 50
computers connected to MILNET.
 These systems included the Pentagon, Lawrence Livermore
Labs, the Los Alamos Nuclear Weapons Systems and the
National Computer Security Center.
 They exploited these systems by means of weaknesses in
TCP/IP and the UNIX operating systems.
 One of their favorite techniques was to plant Trojan Horses
to steal authorized passwords.
HACKER EXAMPLES
The German Chaos Computer Club brought "chaos" to the
National Aeronautics and Space Administration computer systems
in the late 1980s.
 They primarily planted Virus programs at the Goddard
Space Flight Center in Greenbelt, Md.
 They gained access through a Unix flaw that the system
administrator had failed to patch.
The Legion of Doom (LoD) and the Masters of
Destruction (MoD) were two of the major computer gangs in the
late 80s and early 90s.
 They were from Brooklyn, the Bronx and Queens.
 They wiretapped, intercepted data transmissions,
reprogrammed phone computer switches, stole and sold
passwords, etc.
 The LoD were convicted in 1992, apparently turned in as a
result of a falling out with other hackers.
A Typical Hacker Attack: THE BOEING ATTACK -
1995
1. A computer consultant noticed the system was sluggish.
(a) He executed the top command to determine what was slowing down the
system.
(b) A program called vs was consuming a large amount of system resources
and was running as superuser.
2. He next ran ps.
(a) vs did not appear so he suspected a break-in.
3. He executed the Emacs dired command and found the vs program in a directory
called /var/.e/vs.
4. He next did a chdir() to the /var directory and ran an ls -a command.
(a) The directory /var/.e was not displayed.
5. The programmer used the tar command to make a copy of the /var/.e, /bin and
/etc directories.
(a) He copied this to another computer.
6. The programmer then shut down the system.
7. He next examined the /bin/login file and found it had been modified to allow
logging in with a special password.
8. This seemed to be an exceptionally sophisticated attack.
THE BOEING ATTACK - 1995
9. He found the /var/.e/vs was a password sniffer which passed copied
passwords to a remote computer.
10. He found the /bin/ls and /bin/ps command had been modified to not
display the directory /var/.e.
(a) A comparison of the modified programs with the backup version
revealed the differences.
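The comparison in step 10(a), sketched as an added example that is not part of the original slides: it hashes a trusted backup tree and a copy of the suspect tree on a separate analysis machine, walking directories itself rather than trusting the host's own ls. The function names and the constructed sample tree are assumptions made for illustration.

```python
import hashlib
import os
import tempfile


def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def manifest(root):
    """Map every file under root (hidden directories included) to its hash."""
    entries = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if os.path.islink(full):
                # Record the link target instead of following it.
                entries[rel] = "symlink:" + os.readlink(full)
            else:
                entries[rel] = sha256_file(full)
    return entries


def compare_trees(backup_root, suspect_root):
    """Report files that differ from, were added to, or are missing from the backup."""
    good = manifest(backup_root)
    live = manifest(suspect_root)
    return {
        "modified": sorted(p for p in good.keys() & live.keys() if good[p] != live[p]),
        "added": sorted(live.keys() - good.keys()),
        "missing": sorted(good.keys() - live.keys()),
    }


def _write(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as handle:
        handle.write(data)


def demo():
    """Constructed sample trees that mirror the case study's findings."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = os.path.join(tmp, "backup")
        suspect = os.path.join(tmp, "suspect")
        for name in ("login", "ls", "ps"):
            _write(os.path.join(backup, "bin", name), b"original " + name.encode())
            # The suspect copies stand in for the modified binaries.
            _write(os.path.join(suspect, "bin", name), b"modified " + name.encode())
        # Hidden directory that the modified ls would not have listed.
        _write(os.path.join(suspect, "var", ".e", "vs"), b"unknown program")
        return compare_trees(backup, suspect)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

The result is only as trustworthy as the backup it is compared against, which is why the case study's copy was examined on another computer.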
Session Hijacking
What is a session
 A period devoted to a particular activity.
 A lasting connection between a user (or user agent, i.e.
browser) and a server, usually involving the exchange of
many requests.
 A typical session
What is a session ID
 A session ID is a unique number that a Web site's server
assigns a specific user for the duration of that user's visit
(session).
 The session ID can be stored as a cookie, form field, or
URL (Uniform Resource Locator).
 Some Web servers generate session IDs by simply
incrementing static numbers.
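Why incrementing session IDs are a weakness, as an added example that is not part of the original slides: a counter-based generator next to one drawn from the operating system's random source, with a small audit that flags a predictable sample. The class and function names and the 22-character minimum are assumptions made for illustration.

```python
import secrets
from itertools import count

# Assumption for this example: 22 URL-safe characters, roughly 128 bits.
MIN_ID_CHARS = 22


class CounterSessionIds:
    """Weak scheme described above: every new ID is the previous one plus one."""

    def __init__(self, start=1000):
        self._counter = count(start)

    def new_id(self):
        return str(next(self._counter))


def random_session_id():
    """Hardened form: 32 bytes from the OS CSPRNG, URL-safe encoded (43 chars)."""
    return secrets.token_urlsafe(32)


def audit_session_ids(ids):
    """Return findings for a sample of session IDs listed in the order issued."""
    findings = []
    if not ids:
        return findings
    if len(set(ids)) != len(ids):
        findings.append("duplicate session IDs issued")
    if len(ids) >= 3 and all(i.isdigit() for i in ids):
        nums = [int(i) for i in ids]
        steps = {b - a for a, b in zip(nums, nums[1:])}
        if len(steps) == 1:
            # A constant step means anyone holding one ID knows the others.
            findings.append("numeric IDs advance by a fixed step of %d" % steps.pop())
    shortest = min(len(i) for i in ids)
    if shortest < MIN_ID_CHARS:
        findings.append("shortest ID has only %d characters" % shortest)
    return findings


def demo():
    """Audit five IDs from each generator (constructed sample)."""
    weak_source = CounterSessionIds(start=1000)
    weak = [weak_source.new_id() for _ in range(5)]
    strong = [random_session_id() for _ in range(5)]
    return audit_session_ids(weak), audit_session_ids(strong)


if __name__ == "__main__":
    weak_findings, strong_findings = demo()
    print("counter-based IDs:", weak_findings)
    print("CSPRNG IDs:       ", strong_findings)
```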
What Is Session Hijacking
 Session hijacking happens when an attacker gets
access to the session state of a particular user.
 The attacker steals a valid session ID, which is used to
get into the system and snoop on it.
 WhatsApp Sniffer is a popular session hijacking attack
tool.
 The first session hijacking attack was carried out on Christmas Day 1994
by Kevin Mitnick, when HTTP 0.9 was released.
Types of Session Hijacking
There are 2 types of Session Hijacking
1) Active: In an active attack, an attacker finds an active
session and takes over.
2) Passive: With passive attack, an attacker hijacks a
session, but sits back, and watches and records all the
traffic that is being sent forth.
Session Hijacking Levels
Session hijacking takes place at two levels:
1. Network Level: Network level can be defined as the
interception of the packets during the transmission
between client and server in a TCP or UDP session.
2. Application Level: Application level is about gaining
control of the HTTP user session by obtaining the session
IDs.
Network Level
Network level session hijacking is particularly
attractive to hackers because it provides some
critical information to the attacker which is used
to attack application level sessions
Network level hijacking includes:
 IP Spoofing: Source Routed Packets
 RST Hijacking
 Blind Hijacking
 Man in the Middle: Packet Sniffer
 UDP Hijacking
IP Spoofing: Source Routed Packets

 IP spoofing is “a technique used to gain unauthorized access to
computers, whereby the intruder sends messages to a computer
with an IP address indicating that the message is coming from a
trusted host.”
Blind Hijacking
 In blind hijacking, an attacker injects data such as
malicious commands into intercepted communications
between two hosts.
 The hacker can send the data or comments but has no
access to see the response.
Blind Hijacking
Man in the Middle: Packet Sniffer (MITM)
and UDP Hijacking
 In this attack, the packet sniffer is used to interface
between the client and the server.
 The packets between the client and the server are routed
through the hijacker’s host by using two techniques:
1. Internet Control Message Protocol (ICMP)
2. ARP spoofing
What is ARP Spoofing
 ARP spoofing is a type of attack in which a malicious
actor sends falsified ARP (Address Resolution Protocol)
messages over a local area network.
 This results in the linking of an attacker’s MAC address
with the IP address of a legitimate computer or server on
the network.
 Once the attacker’s MAC address is connected to an
authentic IP address, the attacker will begin receiving any
data that is intended for that IP address.
 ARP spoofing can enable malicious parties to intercept,
modify or even stop data in-transit.
 ARP spoofing attacks can only occur on local area
networks that utilize the Address Resolution Protocol.
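A detection check for the IP-to-MAC relinking described above, as an added example that is not part of the original slides: it parses two neighbour-table snapshots in the format printed by `ip neigh show` and flags an IP whose MAC changed since the baseline, and a MAC that now answers for several IPs. The sample tables, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches lines such as: 192.0.2.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+\S+\s+lladdr\s+"
    r"(?P<mac>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\b"
)

# Constructed snapshot taken while the network was known to be clean.
BASELINE = """\
192.0.2.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.0.2.10 dev eth0 lladdr 02:00:00:00:00:10 STALE
192.0.2.20 dev eth0 lladdr 02:00:00:aa:bb:cc REACHABLE
"""

# Constructed later snapshot: the gateway IP now maps to host .20's MAC.
CURRENT = """\
192.0.2.1 dev eth0 lladdr 02:00:00:AA:BB:CC REACHABLE
192.0.2.10 dev eth0 lladdr 02:00:00:00:00:10 STALE
192.0.2.20 dev eth0 lladdr 02:00:00:aa:bb:cc REACHABLE
192.0.2.77 dev eth0 FAILED
"""


def parse_neigh(text):
    """Return {ip: mac}; entries without a resolved MAC are skipped."""
    table = {}
    for line in text.splitlines():
        match = NEIGH_RE.match(line.strip())
        if match:
            table[match["ip"]] = match["mac"].lower()
    return table


def find_arp_anomalies(baseline, current):
    """Return (kind, subject, detail) tuples for suspicious mappings."""
    alerts = []
    for ip, mac in sorted(current.items()):
        known = baseline.get(ip)
        if known and known != mac:
            alerts.append(("mac-changed", ip, "%s -> %s" % (known, mac)))
    ips_by_mac = defaultdict(list)
    for ip, mac in current.items():
        ips_by_mac[mac].append(ip)
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            alerts.append(("mac-shared", mac, ", ".join(sorted(ips))))
    return alerts


def demo():
    return find_arp_anomalies(parse_neigh(BASELINE), parse_neigh(CURRENT))


if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

Both signals also have benign causes, such as a replaced network card or a router that answers for several addresses, so an alert is a prompt to investigate rather than proof of spoofing.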
Application Level Session Hijacking
 At this level, the hacker obtains session IDs to get
control of an existing session or even create a new
unauthorized session.
 Application level session hijacking includes:
 Obtaining Session IDs
 Sniffing
 Brute Force
Session Hijacking Tools
 Wireshark: sniffing packets
 Juggernaut: Linux-based, flow across the network
 Hunt: Unix-based, sequence number prediction
 TTY Watcher: monitors and controls users' systems
 IP Watcher: commercial software
 T-Sight: Windows, commercial software
 Paros HTTP Hijacker: spidering, proxy-chaining,
filtering, application vulnerability scanning.
 Hjksuite Tool: DnsHijacker Tool and many open
source scripts like cookie injector.
Detection of Session Hijacking
 There are two modes used for detection i.e.
1. Manual: Packet Sniffing Software
2. Automatic: IDS and IPS
