Chapter 14 Flashcards
(25 cards)
What does a Denial of Service Attack Do?
Prevents the user from accessing the network or its resources. p. 474
Name some Denial of Service Attacks.
The ping of death, unreachable gateway, Distributed DOS, Friendly DOS, physical attack, Permanent DOS, Smurf, SYN Flood, Stacheldraht, Reflective/Amplified attacks, ARP Cache Poisoning, Packet protocol abuse, p. 474-480
Describe the Ping of Death.
A lot of ICMP packets are sent to a remote host victim. This overwhelms their victims buffer p. 474
Why would an attacker make a host’s default gateway unreachable?
To get the host to change their gateway address to an address controlled by the attacker. p. 474
Define Botnet.
In a distributed DoS a group of people combine efforts to accomplish an attack. p. 475
true or false: A Phlashing Denial of Service attacks the firmware located in many systems.
True
What is a smurf?
Its an attack that floods its victim with spoofed broadcasts ping messages. p.477
Describe what happens during an SYN Flood.
A DOS attack that floods the receiving machine with lots of packets that cuase the victim to waste resources by holding connections open. p. 478
What does Stacheldraht mean?
its “barbed wire” in german. it incorporates TFN and adds encryption. p. 478
what protocols does a Reflective/Amplified Attack use to attack a victim?
DNS and NTP. p. 478
How does a DNS amplification attack work?
The attacker delivers traffic to the victim by reflecting it off a third party. p. 479
How is an NTP attack differ from a DNS attack?
Instead of the attacks being reflected from DNS servers they are reflected from NTP servers. p. 479
How is ARP cache poisoning accomplished?
By pinging a device with a spoofed IP address. p. 480
How is Packet/Protocol Abuse accomplished?
By concealing one protocol within another. It allows it to get passed a firewall. p. 480
Define Spoofing.
Changing a source IP address so that one computer appears to be a different computer. p. 481
Describe a Brute force attack.
Trying to guess every password. p. 482
What are some ways that session hijacking may be accomplished?
Session FIxation
Session Sidejacking
Cross Site Scripting p. 482
Define Session Fixation.
An attacker sends a link to the victim. When the user connects, the attacker waits for authenticate and then takes over the session by disconnecting the user and use the session ID he set in the beginning to attack. p. 482
Define Session Sidejacking
The attacker uses a sniffer to steal a session cookie from the user. (or steal the session key from the computer’s memory) p. 482
Define Cross Site Scripting
The atacker uses the user’s computer to run code on the site that may allow him to obtain the cookie. The attacker does this by putting malware on the victim’s computer. The malware runs the code on the site after the user authenticates to the site. p.482
True or False: VLANs are layer 1 subdivisios of the ports in a single switch.
False (they are layer 2) p. 482
True or false: RADIUS is an example of Authentication.
True p. 483
What key trait of viruses allows them to effect many users?
They can replicate to other computers when someone clicks on a link. p. 484
How can you mitigate the effects of a worm?
Place limits on sharing, writing and executing programs. p. 485
