What type of session attack is Gerald employing here?
Gerald is a certified ethical hacker working for a large financial institution in Oklahoma City. Gerald is currently performing an annual security audit ofthe company’s network. One of the company’s primary concerns is how the corporate data is transferred back and forth from the banks all over the city to the data warehouse at the company’s home office. To see what type of traffic is being passed back and forth and to see how secure that data really is, Gerald uses asession hijacking tool to intercept traffic between a server and a client. Gerald hijacks an HTML session between a client running a web application which connects to a SQL database at the home office. Gerald does not kill the client’s session; he simply monitors the traffic that passes between it and the server. What type of session attack is Gerald employing here?
What tool has Gerald's attacker used to cover their tracks?
Gerald, the Systems Administrator for Hyped Enterprises, has just discovered that his network has been breached by an outside attacker.After performing routine maintenance on his servers, he discovers numerous remote tools were installed that no one claims to have knowledge of in his department.
Gerald logs onto the management console for his IDS and discovers an unknown IP address that scanned his network constantly for a week and was able to access his network through a high- level port that was not closed.Gerald traces the IP address he found in the IDS log to a proxy server in Brazil.
Gerald calls the company that owns the proxy server and after searching through their logs, they trace the source to another proxy server in Switzerland.Gerald calls the company in Switzerland that owns the proxy server and after scanning through the logs again, they trace the source back to a proxy server in China.
What tool has Gerald’s attacker used to cover their tracks?