Session Hijacking

Session hijacking refers to a process where an attacker takes over a legitimate session between a computer user and another computer.

The attacker monitors a session between two computers and injects traffic crafted to look as though it came from one of the hosts. The legitimate computer's connection is dropped, and the attacker continues with the same privileges the legitimate host had. One defense against session hijacking is to use random sequence numbers rather than predictable ones; another is to encrypt the data used to secure the session, since the attacker cannot encrypt traffic correctly without the encryption key. Without that key, the attacker's injected commands decrypt to junk.

Another way to prevent session hijacking is for the two legitimate systems to share a secret which is checked periodically during the session.
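As an added illustration (not part of the original page), the following Python combines the two defenses above at the application layer: each session gets an unpredictable starting sequence number and a shared secret, and every message must carry an HMAC tag computed with that secret over the session id, sequence number and payload, so injected or replayed traffic is rejected. The session store, function names and message format are hypothetical.

```python
import hashlib
import hmac
import secrets

# Hypothetical in-memory server-side session store: session id -> state.
_SESSIONS = {}


def open_session():
    """Create a session with a CSPRNG-generated id, shared secret and starting sequence number."""
    session_id = secrets.token_hex(16)          # unpredictable session identifier
    secret = secrets.token_bytes(32)             # shared secret known only to both legitimate ends
    start_seq = secrets.randbelow(2 ** 32)       # random, not predictable, initial sequence number
    _SESSIONS[session_id] = {"secret": secret, "next_seq": start_seq}
    return session_id, secret, start_seq


def sign_message(secret, session_id, seq, payload):
    """Client side: tag a message with an HMAC over session id, sequence number and payload."""
    msg = session_id.encode() + seq.to_bytes(4, "big") + payload
    return hmac.new(secret, msg, hashlib.sha256).digest()


def accept_message(session_id, seq, payload, tag):
    """Server side: accept a message only if it is the expected next one in sequence and its
    tag verifies under the shared secret. Returns True when accepted, False otherwise."""
    state = _SESSIONS.get(session_id)
    if state is None:
        return False                             # unknown session
    if seq != state["next_seq"]:
        return False                             # out of order or replayed message
    expected = sign_message(state["secret"], session_id, seq, payload)
    if not hmac.compare_digest(expected, tag):   # constant-time comparison of the tags
        return False                             # wrong secret: the sender is not the legitimate host
    state["next_seq"] = (seq + 1) % (2 ** 32)    # advance the per-session sequence check
    return True


def demo():
    """Constructed walk-through: a legitimate message, a forged one and a replay."""
    sid, secret, seq = open_session()
    legit = accept_message(sid, seq, b"ls", sign_message(secret, sid, seq, b"ls"))
    # An observer who saw the session id and sequence number but lacks the secret
    # can only sign with a guessed key, so the tag will not verify.
    nxt = (seq + 1) % (2 ** 32)
    forged = accept_message(sid, nxt, b"rm -rf /", sign_message(b"\x00" * 32, sid, nxt, b"rm -rf /"))
    # Replaying the captured legitimate message also fails: the sequence has moved on.
    replay = accept_message(sid, seq, b"ls", sign_message(secret, sid, seq, b"ls"))
    return legit, forged, replay
```

Running `demo()` returns `(True, False, False)`: only the message from the host that knows the secret and the current sequence number is accepted.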