Understanding Network

Attacks and Session Hijacking

Safeguarding Digital Assets in the Cyber Landscape
Network Attacks

 Definition of Network Attacks:

• A network attack encompasses any malicious and unauthorized activity aimed at
exploiting vulnerabilities within a computer network.
• It involves actions that compromise the confidentiality, integrity, or availability of
data and network resources.
• Examples include unauthorized access, data modification, and denial of service
attacks
Importance of Understanding and
Mitigating Network Threats:
 Protecting Confidentiality
 Preserving Integrity
 Ensuring Availability
 Safeguarding Reputation
 Compliance and Legal Obligations
 Financial Impact
Network Attack Types

 Active Attacks
 Passive Attacks
Active attacks

 Definition of Active Attacks:

• Active attacks involve deliberate actions aimed at disrupting or altering the normal
functioning of a computer network.
• Attackers engage in activities that directly impact the integrity, confidentiality, or
availability of data and network resources.
Examples of Active Attacks:
• Data Modification:
• Denial of Service (DoS):
• Unauthorized Access
• Man-in-the-Middle (MitM) Attacks:
Active attacks
Passive attacks

 . Definition of Passive Attacks:

• Passive attacks focus on intercepting and monitoring communication
without altering the data being transmitted.
• While not directly disruptive, passive attacks can compromise the
confidentiality of information by allowing unauthorized access to sensitive
data.
Passive attacks
Examples of Passive Attacks:

 Eavesdropping:
 Traffic Analysis:
 Packet Sniffing:
 Brute Force Password Attacks
Basic network attacks

 Password-based Attacks
 DDoS (Distributed Denial of Service)
 Malware
 IP Spoofing
 XSS (Cross-Site Scripting) Attack
 SQL Injection
 Man-in-the-Middle Attack
Network Attackers Tools

 Nmap,
 Wireshark
 Metasploit
Network Attack Prevention Tips

 Implement Strong Authentication

 Regularly Update Software
 Network Monitoring
 Firewalls and Security Appliances
 Educate Users
 Encryption
 Regular Security Audits
Introduction to Session Hijacking

 Definition of Session Hijacking:

 Description: Session hijacking, also known as session stealing or session
manipulation, involves the unauthorized interference with an established
user session. Attackers exploit vulnerabilities to gain control over a
legitimate user's session, allowing them to access sensitive information or
perform malicious activities.
 Key Points:
 Focuses on taking control of an existing user session.
 Exploits weaknesses in session management mechanisms.
Session Hijacking

 Significance in Exploiting User Sessions:

 Description: The exploitation of user sessions through hijacking holds significant
implications for both users and organizations.
 Key Points:
 Unauthorized Access: Session hijacking allows attackers to gain unauthorized access
to a user's account or system, potentially compromising sensitive information.
 Identity Impersonation: Attackers can impersonate legitimate users, performing
actions on their behalf without their knowledge.
 Financial Loss: Hijacked sessions may be used to conduct fraudulent transactions,
leading to financial losses.
 Data Manipulation: Session hijacking enables attackers to manipulate or misuse data
within the context of the compromised session.
 Loss of Trust: Successful session hijacking can erode user trust in online systems and
services.
Difference between Spoofing and
Hacking
 Explanation of Spoofing:
 Definition: Spoofing involves the act of falsifying or deceiving to appear as
someone or something else. This can be applied to various contexts, such as
network communication or user identity.
 Key Points:
 IP Spoofing: Faking the source IP address to appear as a trusted entity in network
communication.
 Email Spoofing: Forging the sender's email address to deceive recipients.
 MAC Spoofing: Changing the Media Access Control (MAC) address to impersonate a
different device on a network.
 Purpose: Spoofing is often used to trick systems, users, or networks into
accepting false information, gaining unauthorized access, or evading security
measures.
Difference between Spoofing and
Hacking
 Explanation of Hacking:
 Definition: Hacking encompasses a broad range of activities related to gaining
unauthorized access, manipulating data, or compromising the security of
computer systems or networks.
 Key Points:
 Ethical Hacking: Conducting security testing with permission to identify and fix
vulnerabilities.
 Malicious Hacking: Unlawfully exploiting weaknesses for personal gain, data theft, or
disruption.
 Exploitation: Hacking involves exploiting vulnerabilities, either in software, networks, or
human behavior, to achieve specific objectives.
 Purpose: Hacking can be both ethical, as in the case of security professionals
ensuring system robustness, or malicious, when it involves unauthorized access,
data manipulation, or the introduction of malicious code.
Difference between Spoofing and
Hacking
 Distinctions Between Spoofing and Hacking:
 Intent:
 Spoofing: Primarily intends to deceive or falsify information to appear as something else.
 Hacking: Involves gaining unauthorized access or manipulating systems, often for malicious purposes.
 Action:
 Spoofing: Involves creating a false appearance or identity.
 Hacking: Involves exploiting vulnerabilities to access, manipulate, or disrupt systems.
 Scope:
 Spoofing: Focused on deception and misdirection.
 Hacking: Encompasses a broader range of activities, including unauthorized access, data manipulation, and system
disruption.
 Permission:
 Spoofing: Can be both legal and illegal, depending on the context.
 Hacking: Unauthorized hacking is typically illegal, while ethical hacking is conducted with explicit permission.
Types of Session Hijacking

 Active Session Hijacking

 Passive Session Hijacking
 Network Level: TCP/IP Hijacking, IP Spoofing, RST Hijacking
 Application Level: Obtaining Session IDs, Sniffing and Brute Force,
Misdirected Trust
Active Session Hijacking

 Description: Involves directly manipulating or taking control of an existing

user session.
 Methods:
 Session token interception.
 Cookie theft.
 Significance: Enables attackers to gain unauthorized access to sensitive
information or perform actions on behalf of the legitimate user.
Conclusion:

 In the ever-evolving landscape of cybersecurity, understanding and

mitigating network threats is paramount. Throughout this presentation, we
delved into various aspects of network attacks, from the fundamental
techniques employed by attackers to the more sophisticated methods
used to compromise user sessions.
 Key Takeaways:
 Diverse Range of Attacks: Network attacks come in various forms, ranging
from active attacks that disrupt normal network functioning to passive
attacks that focus on intercepting and monitoring communication.
 Basic Network Attacks: Password-based attacks, DDoS, malware, IP
spoofing, XSS, SQL injection, and man-in-the-middle attacks constitute the
fundamental threats that organizations and individuals must guard against.
Conclusion

 Session Hijacking: The unauthorized interference with established user

sessions poses a significant risk, allowing attackers to gain control over
legitimate user accounts and access sensitive information.
 Preventive Measures: Implementing strong authentication, regular software
updates, network monitoring, firewalls, user education, encryption, and
security audits are crucial preventive measures to fortify network defenses.
 Session Hijacking Protection: Understanding the levels and types of session
hijacking, employing secure protocols, and educating users are vital steps
to protect against session-based attacks.