![]() What attacks can you successfully launch against a server using the above technique? If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server. The attack doesn't see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. This sequence number is predictable the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. ![]() Q2) After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. Q1) What type of session hijacking attack is shown in the exhibit?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |