Information Security: Principles and Practice
Information Security: Principles and Practice
Securing Im and P2P Applications for the Enterprise
Securing Im and P2P Applications for the Enterprise
Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network
Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network
A Simple active attack against TCP
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Tetherway: a framework for tethering camouflage
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Hi-index | 0.00 |
We present application-based TCP hijacking (ABTH), a new attack on TCP applications that exploits flaws due to the interplay between TCP and application protocols to inject data into an application session without either server or client applications noticing the spoofing attack. Following the injection of a TCP packet, ABTH resynchronizes the TCP stacks of both the server and the client. To evaluate the feasibility and effectiveness of ABTH, we developed a tool that allows impersonating users of Windows Live Messenger in the matter of few seconds. Due to its generic nature, ABTH can be mounted on a variety of modern protocols for TCP-based applications. Countermeasures to thwart and/or limit the effectiveness of ABTH could include strict Ethernet switching and cryptographic protection of messages. However, the former cannot be guaranteed by the application provider and the latter appears to be still prohibitively expensive for such large-scale applications with hundreds of millions of sporadic users as Windows Live Messenger.