After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. The attack doesn’t see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server.
What attacks can you successfully launch against a server using the above technique?
A.
Web page defacement attacks
B.
Session Hijacking attacks
C.
Denial of Service attacks
D.
IP spoofing attacks
Explanation:
The term Session Hijacking refers to the exploitation of a valid computer session – sometimes also called a session key – to gain unauthorised access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer.
B is the answer
bucause the hacker is trying to create a fake connection with a forged IP. he send the SYN-ACK reqst
I agree with the answer. B