"TCP session hijacking" is a technique that involves intercepting a TCP session initiated between two machines in order to hijack it.
In that the authentication check is performed only when opening the session, a pirate who successfully launches this attack is able to take control of the connection throughout the duration of the session.
The initial hijacking method used involved using the source routing option of the IP protocol. This option made it possible to specify the path IP packets were to follow, using a series of IP addresses showing the routers to be used.
By exploiting this option, the pirate could indicate a return path for packets to a router under his control.
When source routing is disabled, which is the case nowadays for most equipment, a second method involves sending packets as "blind attacks", without receiving a response, by trying to predict sequence numbers.
Also, when the pirate is on the same network thread as his two contacts, he can monitor the network and "quiet" one of the participants by crashing his machine or by flooding the network to take his place.
