Man-in-the-middle and session hijacking
Man-in-the-middle (MitM) attacks can intercept, redirect and steal communications and data sent between two innocent parties, and this can be done unknown to those parties. In this Discussion, you will appraise and compare situations of MitM attacks and session hijacking attacks at application and network levels. For this Discussion, you will need to reference this resource:
Lin, M. (2005) An overview of session hijacking at the network and application levels [Online]. Available from: www.sans.org/reading-room/whitepapers/ecommerce/overview-session-hijacking-network-application-levels-1565 (Accessed: 30 June 2014).
Note: If this link does not work, please cut and paste it into your browser.
To complete this Discussion:
Post: Summarise what you learned from An Overview of Session Hijacking at the Network and Application Levels (Lin, 2005). Consider how MitM attacks relate to session hijacking attacks at application and network levels. Evaluate the extent to which MitM attacks are realistic threats. List several scenarios to support your viewpoint.