How to protect your system from Session Hijacking

[kattman]

Session Hijacking is a most common threat on web. Most of us are not aware about this. Much time you visit a website and after that you find your system filled with popup. Your antivirus started warning about some weird file blocked, etc. Session Hijacking is called as middle man attack. This process consists of entering your system via hijacking the cookies session. When you connect on internet to access a web page, your system needs to authentic itself. This is the validation process of your session. At this time the pc called up a session key so that the server on the other end can find this as authorized user. The server then sends the information back to the client. The attack is carried in between when a client pc connects with the server. The cookies here help the server to identify client pc. Cookies are some files which help you to keep connected and surf pages. These cookies are then tracked by hackers who copy these files in order to get your systems address. And once they receive the file they send virus to carry on other stuffs. Cookies can be stolen quiet easily. You had notice when you close your browser or logout on some site; they give you a message on screen saying all cookies are clear. This is for security purpose, so that your session is not hacked by any.

The information collected can be used for redirection virus, spyware attack, malware attack, etc. The cookies are stolen when the IP packets travels from pc one to another. The attackers simply try to find the session and then it enters to record the conversation among those systems. They use some kind of sniffing tool. Sniffing tool is designed to sniff data packets which travel over web. There are many sniffing tools provide freely on web which are responsible for number of attacks. If the attackers get a large among pc access he can setup a dos attack on the same to generate more loss. A cookie is a small file which helps the web server to identify the host machine. You can assume what amount of such files is generating when billions of people are on web. Attackers try to take benefit of the same. You might be wondering is this risky? It is. When an attacker gets your session access he can use the same to extract contents of hamper a web server. As the web server is already protected, the security application on the server will not block once the user is authenticated. Something similar to The 6th Day. An attacker can take your system identity and play with the data.

Those who are running servers in their business premises need to be worry about this. As there are many types of attack, but this kind of attack can happen on frequent basis? It is not easy to find those prying eyes, but there are number of preventive measure that can block access to such thing. If you are on a very large network then it becomes quiet impossible to keep track of each and every incoming connection. What matters is safe session connectivity. Because of this attack you can also lose some of your important banking information’s. This being with stealing cooling’s from your system. For example you open up an email site like Yahoo. When you log in, your type the user id and password. This information is stored in your system on temporary basis. As an end user you are not aware about the internal technical vulnerabilities. Most we rely on the service providers for safe surfing. An attacker can run a sniffer tool which will intercept the data.

It will not block but it will read and tell the attacker what login credential you had used to access yahoo email. In this way your mail can use for un-authorized activities. Many ethical hackers have published quiet an informative review on web which tells you how protect yourself. This begins with capturing the traffic of client pc. There are billions of people using internet over web. The attacker run specialized software that can capture those traffic. It does not matter that you are on facebook or simply checking your emails, or buying something online. When the attacker runs the tool, it captures all activities. It records your login information, password, etc. Once this are captured, the information reaches the attacker who can use it to manipulate victims. The capture data is not in text format. It is a bit different file which is then processed. Mostly attackers never run such type of tool from their home pc. They use proxies so that they cannot be tracked and if some found the attack, they can get rid of easily.

[kattman]

Preventive Tips:

After reading the above paragraphs you would have understood how this all stuff happens. Now you do not need to worry that it will be quiet complicated to protect yourself from such stuff. There are many ways by which you can avoid such kind of attacks. It is necessary to defend yourself from session hijacking. There are number of reasons behind that. First no one wants his personal info go live on web. Second you will never be comfortable to share your credit card or banking information on internet. Have a look on some below preventive tips.

• Do not access your bank site from everywhere. This is quiet important. You must carry your online transaction from one place only. Avoid pc which is used by multiple people. That pc can be infected with sniffers. There are chances that the traffic on that system are sniffed and cause issue on future. It is recommended to use your online banking information from the most secure place. It can be your home or your personal laptop.
  
  
• Antivirus protection. There is good pack of antivirus on internet. They come with online security pack or regular pc version. It is recommended that you keep your system upto date. You must not ignore the pc security. It is far better if you buy a good license copy of antivirus software and installed in your pc.
  
  
• Data encryption. This is another effective way of protection. If you have a server in your office turns the data encryption mode on. This feature is provided in the router or security tool that you are using on your system. You can put the entire traffic behind a SSL security. So that no one can easily intercept the packet data.
  
  
• Some process should be carried out by the server end also. Like once the pc is authenticated after something re-creating the session id. This will give more protection to the user and server both. It is recommended that the session which is used in the process should be long and complicated. So that the attacker cannot easily try out any attacks.
  
  
• Servers should be programmed with early log out settings. If users stay idle for some couple of minutes he must be logged out automatically.
  
  
• To some extent we (end user) are also responsible for such attacks. Like blindly clicking on any links that you receive in your emails. Many of you are using email clients and subscribed to newsletters, rss, etc. There are tons of mails that you receive in spam also. Unconditionally clicking on that give easy access to the attacker to intercept your traffic. It is recommended that you must never click on the link unless you are sure.
  
  
• Keep your browser settings on automatic settings to clear your browsing history and cookies. Latest browsers like Firefox, Opera, IE, etc all comes with those settings. As you exist the browser it automatically cleans everything. So there you do not need to worry about the threat.
  
  
• Never leave any site without logging out. Many people have habit to instantly close a browser window without logging out from their account. This gives very easy chances to attacker to access your login credentials.
  
  
• It is necessary that along with a good internet security pack you must also have effective firewall in your system. A firewall acts as a blockage between the incoming and outgoing traffic. Even if the attacker has intercepted your session data, he cannot enter your system due to firewall.
  
  
• Ensure that when you are carrying our online transaction you are on https connection. Or else you can verify the websites security certificate. HTTPs connection simply put you behind a closed tunnel in which no one can enter.

There are number of technical complexities inside this attack. It is not possible for every end user to keep an eye on the same. Also no one is interested to use tools that can create log based on the various activities. It is recommended that you must keep your antivirus upto date and keep yourself informed about such issues. Awareness is something which does your half job under web security.