Attacks Flashcards
Teardrop
During a Teardrop attack, an attacker sends several large overlapping IP fragments. The victim system will attempt to reassemble these packets, sometimes causing the system to crash. The Teardrop attack is called a Denial of Service (DoS) attack, because it denies service to the victim.
Smurf
In a Smurf attack, an attacker pings a broadcast address by sending Internet Control Message Protocol (ICMP) Echo Request packets with a forged source address. Every device that receives the ICMP ping will send an Echo Reply to the forged source address, which can overwhelm the device at that source address. Therefore, the Smurf attack is also a DoS attack
Fraggle
In a Fraggle attack, an attacker sends User Datagram Protocol (UDP) echo and chargen packets with a forged source address. Every device that receives one of these UDP broadcasts will send a response to the spoofed source address, which can overwhelm the device at that source address. Therefore, the Fraggle attack is also a DoS attack.
LAND
In a Local Area Network Denial (LAND) attack, an attacker sends an IP packet with the same source and destination address and port. When the victim with that destination address receives the packet, it can become confused and crash.
POODLE
Padding Oracle On Downgraded Legacy Encryption (POODLE) was originally a man-in-the middle attack that was designed to exploit vulnerabilities in security protocol fallback mechanisms from Transport Layer Security (TLS) to Secure Sockets Layer (SSL) 3.0. That variant of the POODLE attack could decrypt a single byte of an encrypted message by making up to 256 SSL 3.0 requests while eavesdropping on an encrypted connection. A later variant of POODLE discovered in 2014 is capable of exploiting bugs in the implementation of block cipher mode in TLS from version 1.0 through version 1.2.
Heartbleed
Heartbleed is an OpenSSL vulnerability that could allow an attacker to obtain approximately 64 kilobytes (KB) of information from a web server’s memory at regular intervals. The Heartbleed bug, which was discovered in 2014, was a memory-handling bug present in OpenSSL from version 1.0.1 through version 1.0.1f. OpenSSL 1.0.1g was the first version to fix the bug. By exploiting this vulnerability, an attacker can obtain a server’s private key, which could in turn allow the attacker to decrypt communications with the server or perform man-in-the-middle attacks against the server.
FREAK
Factoring Attack on RSA-EXPORT Keys (FREAK) is a technique that can be used in a man-inthe-middle attack to force the downgrade of an RSA key to a weaker length. FREAK, which was discovered in 2015, enables an attacker to force the use of a weaker encryption key length, enabling the attacker to use brute force to decrypt messages sent between a vulnerable server and a vulnerable client.