CEH

Review Questions 279 Review Questions What is the hexadecimal value of a NOP instruction in an Intel system? A. 0x99 B. 0x90 C ...

280 Chapter 11 ■ Denial of Service Adding and removing to and from a program stack are known as what? A. Pop and lock B. Push a ...

Review Questions 281 While monitoring traffic on the network, Jason captures the following traffic. What is he seeing occur? A ...

282 Chapter 11 ■ Denial of Service What command-line utility can you use to craft custom packets with specific flags set? A. nm ...

Session Hijacking CEH EXAM OBJECTIVES COVERED IN THIS CHAPTER: ✓ I. Background ■ C. System technologies ✓ III. Security ■ A. Sys ...

The concept of session hijacking is fairly simple and can be applied to various scenarios. An interception in the line of commun ...

Understanding Session Hijacking 285 In its most basic sense, a session is an agreed-upon period of time under which the connecte ...

286 Chapter 12 ■ Session Hijacking So what is a session ID? Well, its form can vary a bit depending on whether we are talking an ...

Understanding Session Hijacking 287 Active and Passive Attacks You can categorize a session hijacking attack as either an active ...

288 Chapter 12 ■ Session Hijacking Categorizing attacks as either active or passive is useful for helping you understand the gen ...

Understanding Session Hijacking 289 Cookies Cookies have been a potential avenue of exploit for quite some time, and they have r ...

290 Chapter 12 ■ Session Hijacking Look at the IDs in Table 12.1 and you should be able to determine the pattern, or at least ho ...

Understanding Session Hijacking 291 In many cases the content that causes the attack to occur comes in the form of JavaScript, b ...

292 Chapter 12 ■ Session Hijacking FIGURE 12.4 Spoofing Authenticated Connection I’m 1 92.168.1.5!!! Victim 192.168.1.5 Host Att ...

Understanding Session Hijacking 293 You may see questions on the exam that test your ability to discriminate between two related ...

294 Chapter 12 ■ Session Hijacking sequence number and subsequent acknowledgment numbers. TCP connections begin their sequencing ...

Understanding Session Hijacking 295 TCP/IP Session Hijacking TCP/IP session hijacking is an attack on a TCP session. The attacke ...

296 Chapter 12 ■ Session Hijacking you’ll face. We’ve already covered a few of these, so we’re ahead of the game! Just pay atten ...

Understanding Session Hijacking 297 Man-in-the-Middle Man-in-the-middle (MITM) attacks take the cake as one of the best-known ve ...

298 Chapter 12 ■ Session Hijacking E XE RC I S E 12 .1 Performing an MITM Attack In this exercise, you’ll learn the fundamentals ...