Security Basics mailing list archives
session-hijacking is still available?
From: "SB CH" <chulmin2 () hotmail com>
Date: Fri, 04 Apr 2003 01:44:10 +0000
Hello, all.if attacker can do session hijacking, he can know the seq number change, ack seq number change something like that. But I have heard that modern system like linux kernel 2.4.x or openbsd produce almost random seq number, so session hijacking is almost impossible thesedays.
is it true or not?anyone still can session hijacking using session hijacking program like hunt?
Thanks in advance. _________________________________________________________________확인하자. 오늘의 운세 무료 사주, 궁합, 작명, 전생 가이드 http://www.msn.co.kr/fortune/default.asp
------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
Current thread:
- session-hijacking is still available? SB CH (Apr 04)
- RE: session-hijacking is still available? Michael Cunningham (Apr 07)
- Re: session-hijacking is still available? secvuln (Apr 07)
- Re: session-hijacking is still available? John Fastabend (Apr 07)
- <Possible follow-ups>
- RE: session-hijacking is still available? Raghu Chinthoju (Apr 04)
- Fwd: FW: session-hijacking is still available? crawford charles (Apr 04)
- REsession-hijacking is still available? Dina Kamal (Apr 08)
- Re: REsession-hijacking is still available? John Fastabend (Apr 09)
- REsession-hijacking is still available? Dina Kamal (Apr 08)
- Re: session-hijacking is still available? crawford charles (Apr 10)