three months late.....
Carric Dooley wrote:
>
> Taking over a session is "hijacking". The only time I have seen the term
> "snarfing" is when it was in reference to getting the password file off of
> unix box "snarfing the unix passwd file".
>
> the best session hijacking tool I have seen to date is hunt. It used to
> be on the trinux tools page. You may still be able to find it at
> opensec.net. Hunt only seems to be aware of telnet sessions, and the only
> real defense is using an encrypted substitute (i.e. ssh).
Or a switched network.
>
> Carric Dooley
> COM2:Interactive Media
> http://www.com2usa.com
>
> On Wed, 2 Jun 1999, Ben Keepper wrote:
>
> > "Snarfing"
> >
> > Not sure if this is the correct term, but I've heard it several times of
> > late. It seems to refer to the ability to take control of a session from
> > someone else and essentially spoof their identity.
> >
> > How do "attackers" monitor these sessions and what tools do they use to
> > monitor and take control?
> >
> > Is this "attack" a danger only to certain protocols?
> >
> > What are the defenses against this attack?
> >
> > Any discussion is appreciated.
> >
> > Ben
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
--
--Paul Hessels
--Systems Analyst Student
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
