IDS mailing list archives

Re: Session Hijacking

From: "[havoc]" <havoc () threatlab com>
Date: Fri, 4 Mar 2005 06:04:59 -0500

An IDS should be able to pick up the ARP storm, source routing violations,
and DoS attack that typically accompanies a session hijack.

hunt is a decent hijack tool I've used in the past.

-Warren.


----- Original Message ----- 
From: "Terry Ray" <cibert () gmail com>
To: <focus-ids () lists securityfocus com>
Sent: Wednesday, March 02, 2005 12:15 PM
Subject: Session Hijacking

Question, I am learning about session hijacking, and I was wondering
if an IPS has the capabilities to detect and prevent this type of
attack? If so how exactly would the IPS prevent a session hijacking?

-- 
Terry N.

--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
--------------------------------------------------------------------------




--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

Current thread:

Session Hijacking Terry Ray (Mar 02)
- Re: Session Hijacking Mike Frantzen (Mar 04)
  - Re: Session Hijacking Dragos Ruiu (Mar 06)
    - RE: Session Hijacking Angel L Rivera (Mar 07)
    - Re: Session Hijacking Dragos Ruiu (Mar 09)
    - Re: Session Hijacking Dragos Ruiu (Mar 09)
    - RE: Session Hijacking Angel L Rivera (Mar 09)
    - Re: Session Hijacking Dragos Ruiu (Mar 10)
    - RE: Session Hijacking Omar Herrera (Mar 07)
- Re: Session Hijacking Kevin (Mar 06)
- Re: Session Hijacking [havoc] (Mar 06)