Session Hijacking is a most common threat on web. Most of us are not aware about this. Much time you visit a website and after that you find your system filled with popup. Your antivirus started warning about some weird file blocked, etc. Session Hijacking is called as middle man attack. This process consists of entering your system via hijacking the cookies session. When you connect on internet to access a web page, your system needs to authentic itself. This is the validation process of your session. At this time the pc called up a session key so that the server on the other end can find this as authorized user. The server then sends the information back to the client. The attack is carried in between when a client pc connects with the server. The cookies here help the server to identify client pc. Cookies are some files which help you to keep connected and surf pages. These cookies are then tracked by hackers who copy these files in order to get your systems address. And once they receive the file they send virus to carry on other stuffs. Cookies can be stolen quiet easily. You had notice when you close your browser or logout on some site; they give you a message on screen saying all cookies are clear. This is for security purpose, so that your session is not hacked by any.
The information collected can be used for redirection virus, spyware attack, malware attack, etc. The cookies are stolen when the IP packets travels from pc one to another. The attackers simply try to find the session and then it enters to record the conversation among those systems. They use some kind of sniffing tool. Sniffing tool is designed to sniff data packets which travel over web. There are many sniffing tools provide freely on web which are responsible for number of attacks. If the attackers get a large among pc access he can setup a dos attack on the same to generate more loss. A cookie is a small file which helps the web server to identify the host machine. You can assume what amount of such files is generating when billions of people are on web. Attackers try to take benefit of the same. You might be wondering is this risky? It is. When an attacker gets your session access he can use the same to extract contents of hamper a web server. As the web server is already protected, the security application on the server will not block once the user is authenticated. Something similar to The 6th Day. An attacker can take your system identity and play with the data.
Those who are running servers in their business premises need to be worry about this. As there are many types of attack, but this kind of attack can happen on frequent basis? It is not easy to find those prying eyes, but there are number of preventive measure that can block access to such thing. If you are on a very large network then it becomes quiet impossible to keep track of each and every incoming connection. What matters is safe session connectivity. Because of this attack you can also lose some of your important banking information’s. This being with stealing cooling’s from your system. For example you open up an email site like Yahoo. When you log in, your type the user id and password. This information is stored in your system on temporary basis. As an end user you are not aware about the internal technical vulnerabilities. Most we rely on the service providers for safe surfing. An attacker can run a sniffer tool which will intercept the data.
It will not block but it will read and tell the attacker what login credential you had used to access yahoo email. In this way your mail can use for un-authorized activities. Many ethical hackers have published quiet an informative review on web which tells you how protect yourself. This begins with capturing the traffic of client pc. There are billions of people using internet over web. The attacker run specialized software that can capture those traffic. It does not matter that you are on facebook or simply checking your emails, or buying something online. When the attacker runs the tool, it captures all activities. It records your login information, password, etc. Once this are captured, the information reaches the attacker who can use it to manipulate victims. The capture data is not in text format. It is a bit different file which is then processed. Mostly attackers never run such type of tool from their home pc. They use proxies so that they cannot be tracked and if some found the attack, they can get rid of easily.