Snort mailing list archives
Re: Tcp session hijacking
From: waldo kitty <wkitty42 () windstream net>
Date: Sun, 17 Aug 2014 12:55:48 -0400
On 8/17/2014 5:37 AM, Meysam Farazmand wrote:
Hi all, I used "check_session_hijacking" in stream5 preprocessor for session hijacking attacks detection and launched a mitm attack. But snort did not detect it.
session hijacking and mitm are not the same... session hijacking is where you take over or continue with someone's existing or previous session... mitm is where you are in the middle and have valid sessions with both parties and pass their traffic across while doing what you want with it in the middle... -- NOTE: No off-list assistance is given without prior approval. Please *keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Tcp session hijacking Meysam Farazmand (Aug 17)
- Re: Tcp session hijacking waldo kitty (Aug 17)
- Re: Tcp session hijacking Meysam Farazmand (Aug 19)
- Re: Tcp session hijacking Joel Esler (jesler) (Aug 19)
- Re: Tcp session hijacking Meysam Farazmand (Aug 19)
- Re: Tcp session hijacking Joel Esler (jesler) (Aug 19)
- Re: Tcp session hijacking Meysam Farazmand (Aug 19)
- Re: Tcp session hijacking Russ Combs (rucombs) (Aug 19)
- Re: Tcp session hijacking Meysam Farazmand (Aug 19)
- Re: Tcp session hijacking Russ Combs (rucombs) (Aug 19)
- Re: Tcp session hijacking Meysam Farazmand (Aug 19)
- Re: Tcp session hijacking waldo kitty (Aug 17)
- Re: Tcp session hijacking Jefferson, Shawn (Aug 19)
- Re: Tcp session hijacking Meysam Farazmand (Aug 19)