Attack Types Flashcards
ARP Poisoning, Spoofing, and Man-in-the-Middle
Redirects your traffic, then passes it on to the destination
You never know your traffic was redirected
ARP has no security and relies on security in the switch
Denial of service
Force a service to fail
Overload the service
Replay Attack
Useful information is transmitted over the network
A network tap is used to access the raw network data
Data is replayed to appear as someone else
Spoofing
Pretend to be something you aren’t
Fake web server, fake DNS server, etc.
DNS Poisoning
Modify the DNS server
Modify the client host file
Pharming
Redirection to a bogus site
Combines farming with phishing
Farming - Harvest large groups of people
Phishing - Collect access credentials
Spam
Unsolicited email, traditionally for advertising
Spim
Spam over IM
Spit
Spam over internet telephony
Stopping Spam
White list to only allow known senders
Black list to remove the bad senders
Bayesian filtering can filter based on certain words/phrases
Phishing
Social engineering with a touch of spoofing
Often delivered by spam, IM, etc.
Spear Phishing
More believable phishing with inside information
Spear phishing the CEO is “whaling”
Xmas Tree Attack
Send a carefully crafted packet to a host
URG, PUSH, and FIN are set - 00101001
Transitive attacks
A trusts B, B trusts C, therefore A trusts C
Client-side attacks
Attack the client - Bad programming makes it easier
Browsers, media players, office applications, email clients