Ch7: Protecting Against Advanced Attacks Flashcards
Spoofing attacks
typically change data to impersonate another system or person
ARP poisoning attacks
attempt to mislead systems about the actual MAC address of a system. Sometimes used in MITM attacks
DNS poisoning attacks
attempt to corrupt DNS data
Amplification attacks
A type of DDoS attack that increases the amount of traffic sent to or requested from a victim and can be used against a wide variety of systems, including individual hosts, DNS servers, and NTP servers
Brute force attacks
Attempt to guess passwords by trying every combination. Online attacks guess the password of an online system. Offline attacks guess the password stored in a file, such as a database
Dictionary attacks
use a file of words and common passwords to guess a password
These protect against brute force attacks
Account lockout policies
These can help prevent dictionary attacks
Complex passwords
Pass the hash attack
attempts to use an intercepted hash to access an account
Salting
adds random text to passwords before hashing them and thwarts many password attacks, including rainbow table attacks
Hash collision
occurs when the hashing algorithm creates the same hash from different passwords
Birthday attacks
exploit collisions in hashing algorithms
To defeat replay attacks, use
timestamps and sequence numbers
Typo squatting/URL hijacking
Attackers purchase similar domain names. Users visit the typo squatting domain when they enter the URL incorrectly with a common typo
Session hijacking attack
attacker utlizes the user’s session ID to impersonate the user