1.4 Flashcards
Rogue access points
Unauthorized wireless access point added by employer or attacker, may not be malicious but potentially a back door
Wireless evil twin
Looks like existing access point for malicious reasons. Getting users to input ssid and sec settings. Can overpower access point and WiFi hotspots
Install vpn. And encrypt!
Blue jacking
Attacker sending unsolicited Bluetooth message (radius of ten meters) can send other types of message like media
Blue snarfing
Can access data using Bluetooth like
Calendar email pics etc.
Wireless jamming / rf jamming
The amount of noise is above the good noise for WiFi. Noise is created with sending constant random info or legitimate Frames. Reactive jamming when others send info attacker sends too
Needs to be close
Fox hunting with antenna to triangulate
RFID
It’s everywhere. Radar technology, powered by receiving signal. It’s wireless
Comms. Can capture transmissions or
Spoof reader. DDos jamming also.
NFC near feild Comms
Blue tooth for example . Used
For payments and access tokens. Can be a key to unlock door. It’s wireless and any interference is DDos. Perhaps can be replayed and relayed
Cryptography without randomization
A dog color inverted, can still see outline of dog it’s just inverted cause not random
Add a nonce, for the time being a one time use
Cryptographic nonce
Adding nonce to any outgoing or incoming g message for like WEP or SSL. Including password hashes so they are ransomed
For all users in system
On path attack (man in the middle attack)
Attacker who sits in middle of message and intercepts, can also modify as transmits
ARP poisoning
ARP has no security, local ip network subnet
Defines who is and gets Max address and IP address revealing all iP and max addresses. It’s saved In arp cache.
Attacker sends unprompted arp message and changes info in arp cache so that any info gets sent to hacker not regularly
Cached com
Need to be on local network
On path browser attack
Malware on victim machine, capture data being displayed
Mac address
48 bits/6 bytes long hexidecimal addy of physical network adapter address
12 values, first six is manufacture last six is serial number
Lan switching
Forward or drop frames based on MAC addy
Gather constantly updating list of mac addy expire in 5 mins
Maintain loop free environment using spanning tree protocol stp
Has limited MAC addresses
Mac flooding.
Attackers sending the above limit of a switches ability to handle MAC addresses , as the max table fills, the switch can’t direct individual frames but sends all frames
