session hijacking
seansikaaperdus
olemus
rünne, mis põhineb protokolli nõrkustel:
eelnevalt on loodud seaduslik sideühendus, mille
seansi identifikaatori saab ründaja koogist või URList
ja teeskleb lubatavat kasutajat
ülevaateid
https://en.wikipedia.org/wiki/Session_hijacking
http://www.imperva.com/resources/glossary?term=session_hijacking
https://owasp.org/www-community/attacks/Session_hijacking_attack
https://www.sans.org/reading-room/whitepapers/ecommerce/overview-session-hijacking-network-application-levels-1565
tõrje
https://world.episerver.com/documentation/Items/Tech-Notes/EPiServer-CMS-6/EPiServer-CMS-60/Protecting-Your-Site-From-Session-Hijacking/
https://stackoverflow.com/questions/22880/what-is-the-best-way-to-prevent-session-hijacking
http://uobrep.openrepository.com/uobrep/bitstream/10547/211810/1/louis2011.pdf
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.709.4203&rep=rep1&type=pdf
https://ijcsmc.com/docs/papers/May2014/V3I5201499b21.pdf