Which of the following refers to the exploitation of a valid computer session to gain unauthorized
access to information or services in a computer system?
A. Spoofing
B. Smurf
C. Session hijacking
D. Phishing
Explanation:
Session hijacking refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system. In particular, the term is used for the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to Web developers, because the HTTP cookies used to maintain a session on many Web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim's computer (see HTTP cookie theft). TCP session hijacking is when an attacker takes over an established TCP session between two machines. Since most authentication occurs only at the start of a TCP session, this allows the attacker to gain access to a machine.
Answer option A is incorrect. Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address, email address, caller ID, etc. In IP spoofing, an attacker modifies packet headers to use someone else's IP address in order to hide their identity. However, spoofing cannot be used while surfing the Internet, chatting online, etc., because forging the source IP address causes the responses to be misdirected to the spoofed address rather than to the attacker.
Answer option B is incorrect. Smurf is an attack that generates significant network traffic on a victim network. It is a type of denial-of-service attack that floods a target system via spoofed broadcast ping messages. In such attacks, a perpetrator sends a large amount of ICMP echo request (ping) traffic to IP broadcast addresses, all of it carrying a spoofed source IP address of the intended victim. If the routing device delivering traffic to those broadcast addresses forwards the IP broadcast to all hosts, most hosts on that IP network will accept the ICMP echo request and reply to it with an echo reply, which multiplies the traffic by the number of hosts responding.
Answer option D is incorrect. Phishing is a type of scam that entices a user to disclose personal information such as a social security number, bank account details, or a credit card number. An example of a phishing attack is a fraudulent e-mail that appears to come from the user's bank, asking the user to change their online banking password. When the user clicks the link in the e-mail, it directs them to a phishing site that replicates the original bank site. The phishing site then lures the user into providing their personal information.
Answer: C. Session hijacking