Security in Computer Networks

8.7.5 Hijacking


Suppose that you and a friend have an ongoing connection, and that someone is in a position to monitor packets flowing between you and your friend.  The intruder can take over, or hijack, the ongoing connection between the two of you.  The intruder can fool your friend into believing that they continue to communicate with you even though they are communicating with the intruder.  The intruder first takes you out of the picture by launching a DoS attack on you.  Having been eavesdropping on your communication, the intruder knows the full state of your TCP connection to your friend.  The intruder can thus spoof IP datagrams to your friend containing valid TCP segments and an arbitrary user payload.
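
The following added example (not part of the original text) models the check a TCP receiver applies to an arriving segment, following the acceptability test in RFC 793, to show why knowledge of the connection state is enough for a segment to be treated as valid. The class names, addresses, ports and sequence numbers are constructed for illustration.

```python
from dataclasses import dataclass

MOD = 2**32  # TCP sequence numbers wrap modulo 2^32

@dataclass(frozen=True)
class ConnState:            # receiver's record of one established connection
    peer_ip: str
    peer_port: int
    local_port: int
    rcv_nxt: int            # next sequence number expected from the peer
    rcv_wnd: int            # receive window, in bytes

@dataclass(frozen=True)
class Segment:              # only the header fields the check looks at
    src_ip: str
    src_port: int
    dst_port: int
    seq: int
    payload: bytes = b""

def in_window(seq: int, st: ConnState) -> bool:
    # RCV.NXT <= seq < RCV.NXT + RCV.WND, evaluated modulo 2^32
    return (seq - st.rcv_nxt) % MOD < st.rcv_wnd

def acceptable(st: ConnState, seg: Segment) -> bool:
    """Receiver-side test: connection identifiers, then RFC 793 sequence check."""
    if (seg.src_ip, seg.src_port, seg.dst_port) != (st.peer_ip, st.peer_port, st.local_port):
        return False        # belongs to a different connection
    n = len(seg.payload)
    if st.rcv_wnd == 0:     # closed window: only an empty segment at RCV.NXT
        return n == 0 and seg.seq == st.rcv_nxt
    if n == 0:
        return in_window(seg.seq, st)
    # Data segment: acceptable if its first or last byte falls in the window
    return in_window(seg.seq, st) or in_window((seg.seq + n - 1) % MOD, st)

# Constructed sample values (documentation address range, made-up ports/numbers)
STATE = ConnState("192.0.2.10", 40000, 80, rcv_nxt=1000, rcv_wnd=500)
GENUINE = Segment("192.0.2.10", 40000, 80, seq=1000, payload=b"hello")
# Same header values, written by a different host that observed the connection:
FORGED = Segment("192.0.2.10", 40000, 80, seq=1000, payload=b"other")
UNINFORMED = Segment("192.0.2.10", 40000, 80, seq=900000, payload=b"other")

if __name__ == "__main__":
    for name, seg in [("genuine", GENUINE), ("forged", FORGED), ("uninformed", UNINFORMED)]:
        print(f"{name:10s} accepted={acceptable(STATE, seg)}")
```

The genuine and the forged segment both pass because nothing in the check depends on a secret; an integrity check keyed with a value the eavesdropper does not hold is what would tell them apart.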
 
Various network attacks and security threats are discussed in the collection of essays and the very readable book by Rubin.  A summary of reported attacks is maintained at the CERT Coordination Center.