1.4 Network Attacks Flashcards
Unauthorized access point on a network that may or may not be malicious. Poses backdoor vulnerabilities to your network
Rogue AP
Malicious access point that has the same SSID as your network but is controlled by an attacker. Can overpower legitimate access points to hijack network traffic.
Evil Twin AP
The process of sending unsolicited messages to a phone via Bluetooth connection
Bluejacking
An attack that involves the transfer of data to an attacking device via Bluetooth connection
Bluesnarfing
What does an attacker exploint within a network packet in order to perform a wireless disassociation attack?
802.11 Management Frames
You are working on your laptop when all of a sudden the wireless connection to your WIFI drops. It then proceeds to come back and drop off repeatedly. What type of attack are you likely subject to?
Wireless Disassociation
This type of jamming involves the transmission of interfering wireless signals to decrease the recipiant’s signal-to-noise ratio. Can sometimes be unintentional from microwaves, flourescent lights, etc.
Radio Frequency (RF) Jamming
An arbitrary number used in cryptography which is random, only used once, and is used to calculate a randomized hash for password and encryption. Secures against replay attacks, and is used “for the time being”
Nonce
A type of nonce that is used for randomizing encryption schemes in encryption ciphers, WEP, and some SSL implementations.
Initialization Vectors
A nonce most commonly associated with password randomization. Prevents passwords within a database being correlated in the event of a breach.
Salt
Formerly known as man-in-the-middle attacks, this type of attack involves the attacker being on the network between you and your traffic’s destination. Traffic is redirected to the attacker, and then passed on to its destination.
On Path attack
This attack utilizes the limited size of a MAC address table by sending requests from many different MAC addresses. When the address table is full it begins forwarding all traffic out of all ports.
MAC Flooding
Doing this will allow an attacker to change their MAC address in order to circumvent filters on a network
MAC Spoofing
An attack that injects a malicious IP address into a DNS cache of a DNS server or a client computer in order to direct web traffic to the wrong place.
DNS Poisoning
This type of attack involves getting access to the domain registration, effectively transferring domain ownership to the attacker.
Domain Hijacking
Takes advantage of poor spellings of domain names in order to redirect web traffic to a malicious site
Typosquatting/URL Hijacking
This is what it’s called when a system is forced to fail in some capacity, or completely. Can be malicious or benign.
Denial of Service (DoS)
Botnets are often used to carry out this type of attack that attempts at bringing down a service through a swarm of traffic spiking (i.e. consuming bandwidth or memory)
Distributed denial of service (DDoS)
When a DDoS attack is reflected off of another device or service, such as using NTP, DNS, or ICMP to multiply the attack traffic
DDoS Amplification
What could be a possible consequence for a DoS attack performed on a cloud-based application?
More resources consumed means more money the target has to pay the cloud provider
What is it called when a DoS attack is carried out on hardware and software for industrial equipment, electric and utility grids, etc.?
Operational Technolgy (OT) DoS
What are the main applications that can be exploited for scripting and automation attacks?
PowerShell
Python
Unix/Linux Shell
Macros
Visual Basic for Applications (VBA)
