ch 6 Networking Protocols and Threats Flashcards
PORT ranges
Port Range Category Type Description 0–1023 Well-Known Ports This range defines commonly used protocols; for example, HTTP uses port 80. They are designated by the IANA (Internet Assigned Numbers Authority), which is operated by the ICANN (Internet Corporation for Assigned Names and Numbers). 1024–49,151 Registered Ports Ports used by vendors for proprietary applications. These must be registered with the IANA. For example, Microsoft registered port 3389 for use with the Remote Desktop Protocol (RDP), aka Microsoft Terminal Server. 49,152–65,535 Dynamic and Private Ports These ports can be used by applications but cannot be registered by vendors.
Denial-of-service (DoS)
attacks that attempt to make computer resources unavailable.
Smurf attack:
attacking computer broadcasts
the ICMP echo requests to every computer on its network or subnetwork.
In addition, in the header of the ICMP echo requests will be a
spoofed IP address. That IP address is the target of the Smurf attack.
Fraggle:
UPD port 7 (Echo) and port 19
tear drop attack
Sends mangled IP fragments with overlapping and oversized
payloads to the target machine. This can crash and reboot various operating systems
due to a bug in their TCP/IP fragmentation reassembly code
fork bomb
Works by quickly creating a large number of processes to saturate
the available processing space in the computer’s operating system
distributed denial-of-service (DDoS)
attack is when a group of compromised
systems attacks a single target, causing a DoS to occur at that host.
watering hole attack
This targeted attack is when an attacker profiles the
websites that the intended victim accesses. The attacker then scans those websites
for possible vulnerabilities.
null attack
type of exploit that makes unauthenticated Net-
BIOS connections to a target computer.
Pharming
is when an attacker redirects one website’s traffic to another website that
is bogus and possibly malicious
