There is a kind of active attack based on TCP over the Internet, which is called IP Hijack. This kind of attack is different from the passive attack based on network sniffing. It can bypass the protection of system password and S/KEY, and get full control of the link between two end points. This can cause great harm to the network system. In this paper, the principle of this kind of attack is analyzed, the attack detecting technology and the protecting measures against IP Hijack are also given.