ISP Glossary Find an ISP Term

Search ISP Sites

Search: Search internet.com

ISP Resources ISP-Lists ISP Glossary ISP News CLEC-Planet The List ISPCON Free Newsletter IT Developer Internet News Small Business Personal Technology International Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers internet.commerce Be a Commerce Partner

Search for an ISP term
by a keyword...	...or by category. choose one... Communications Computer Industry Companies Computer Science Data Graphics Hardware Internet and Online Services Mobile Computing Multimedia Networks Operating Systems Programming Software Standards Types of Computers World Wide Web

session hijacking Last modified: Wednesday, April 14, 2004
(n.) Also referred to as TCP session hijacking, a security attack on a user session over a protected network. The most common method of session hijacking is called IP spoofing, when an attacker uses source-routed IP packets to insert commands into an active communication between two nodes on a network and disguising itself as one of the authenticated users. This type of attack is possible because authentication typically is only done at the start of a TCP session. Another type of session hijacking is known as a man-in-the-middle attack, where the attacker, using a sniffer, can observe the communication between devices and collect the data that is transmitted.
	Related Categories Ethics Security Related Terms authentication sniffer TCP/IP user session