Impersonalization

Impersonalization is an attack where an attacker impersonates an authorized user or computer. There are several situations where an attacker may do this and several methods may be applied.

Some attacks using impersonalization include:

  1. Replay attack - Replay an authentication session to fool a computer into granting access.
  2. Session hijacking - The attacker monitors a session between two computers and injects traffic making it look like it came from one of the hosts. The legitimate computer connection is dropped and the attacker continues with the same privileges the legitimate host had. Defense is to use random sequence numbers rather than predictable ones or to enrypt the data used to secure sessions since the attacker won't be able to encrypt properly without the encryption key. Without the encryption key, the decrypted commands from the attacker will be junk.
  3. Impersonating a router and sending false routing information to disrupt the network or gain information.
  4. DNS cache poisoning - The attacker may impersonate a DNS server sending faulty information to get victims to go to an unintended web site.