Hijacking Attack

  • Hijacking is a type of network security attack in which the attacker takes control of a communication between two entities and masquerades as one of them. 
  • In one type of hijacking (also known as a man-in-the-middle attack), the perpetrator takes control of an established connection while it is in progress.
  • The attacker intercepts messages in a public key exchange and then re-transmits them, substituting their own public key for the requested one, so that the two original parties still appear to be communicating with each other directly. 
  • The attacker uses a program that appears to be the server to the client and appears to be the client to the server. 
  • This attack may be used simply to gain access to the messages, or to enable the attacker to modify them before re-transmitting them.
Another form of hijacking is browser hijacking, in which a user is taken to a different site than the one the user requested. 
There are two different types of domain name system (DNS) hijacking. 
  • In one, the attacker gains access to DNS records on a server and modifies them so that requests for the genuine Web page will be redirected elsewhere - usually to a fake page that the attacker has created. This type of hijacking is difficult to prevent, because administrators control only their own DNS records, and have no control over upstream DNS servers. 
  • In the second type of DNS hijack, the attacker spoofs valid e-mail accounts and floods the inboxes of the technical and administrative contacts. This type of attack can be prevented by using authentication for InterNIC records.

In another type of Web site hijack, the perpetrator simply registers a domain name similar enough to a legitimate one that users are likely to type it, either by mistaking the actual name or through a typo. This type of hijack is currently being employed to send many unwary users to a pornographic site instead of the site they requested.
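
A defender can watch for the lookalike registrations described above by comparing observed domain names against the names they own. The following is an added example, not part of the original page: the function names are hypothetical and every domain in it is constructed sample data. It uses the optimal string alignment distance so that a swapped pair of adjacent letters counts as a single typo.

```python
# Added example: flag near-miss (typo) domains. All domains are constructed samples.

def osa_distance(a: str, b: str) -> int:
    """Edit distance where insert, delete, substitute and an
    adjacent-letter swap each cost 1 (optimal string alignment)."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[-1][-1]

def normalize(domain: str) -> str:
    """Lower-case and drop whitespace and a trailing root dot."""
    return domain.strip().lower().rstrip(".")

def find_lookalikes(protected, observed, max_distance=2):
    """Return (observed, protected, distance) for names that are close to,
    but not equal to, a protected name."""
    owned = {normalize(p) for p in protected}
    hits = []
    for name in observed:
        n = normalize(name)
        if n in owned:
            continue  # exact match is the legitimate name
        for p in sorted(owned):
            dist = osa_distance(n, p)
            if 0 < dist <= max_distance:
                hits.append((n, p, dist))
    return sorted(hits, key=lambda h: (h[2], h[0]))

PROTECTED = ["example.com"]                      # constructed: names we own
OBSERVED = ["EXAMPLE.COM.", "exmaple.com", "examplle.com",
            "exampl.com", "unrelated.net"]       # constructed: names seen in logs

if __name__ == "__main__":
    for seen, owned, dist in find_lookalikes(PROTECTED, OBSERVED):
        print(f"{seen} resembles {owned} (distance {dist})")
```

Whole-name distance does not catch the same label registered under a different top-level domain, so that case needs a separate comparison of the label alone.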