Chapter 14 Flashcards
Denial of service (DoS)
474
DoS prevents users from accessing the network and its resources.
What are some forms of DoS?
474
The ping of death
Unreachable gateway
Distributed DoS (DDoS)
A ping of death?
474
Sending a humongous ICMP packet to a remote victim host.
Distributed DoS (DDoS)?
475
is a type of DoS attack where multiple compromised systems, which are often infected with a Trojan, are used to target a single system, causing a denial of service (DoS).
botnet
475
is a group of programs connected on the internet for the purpose of performing a task in a coordinated manner.
botnet
475
is a group of infected computers that are under the control of one or more individuals. The infected computers are used to perform tasks impossible for a single computer, such as distributing millions of spam e-mails or carrying out a Distributed Denial of Service (DDoS) attack.
Traffic spike is _____
476
one characteristic of a DDoS attack: a major spike in traffic in the network.
We recognize a traffic spike using what?
476
A network intrusion detection system (IDS)
A smurf
477
It is a version of a DoS attack that floods its victim with spoofed broadcast ping messages.
How does a smurf attack work?
477
- A smurf attack involves stealing someone's IP address.
- A smurf attack refers to a malicious network attack on a computer with the end-goal of rendering the victim’s computer unusable. An attacker does this attack by creating a spoof, or virtual copy, of a victim’s IP address and broadcasts that IP address by attaching the victim’s IP address to a broadcast IP address. Once the victim’s IP address is broadcasted, most networked devices respond to the IP address by sending a data packet back to the source from which the broadcast came. Therefore, if an attacker is broadcasting a victim’s IP address, all of the replies can become so overwhelming that they render a victim’s computer inert.
permanent DoS attack
477
Also known as phlashing, a permanent denial of service (DoS) attack targets the firmware located in many systems.
SYN flood
478
Alternatively referred to as a SYN flood, a SYN attack is a Denial of Service (DoS) attack on a computer or network. It is carried out by flooding the network with spoofed SYN packets or packets that contain an address that never responds to the SYN/ACK requests. Essentially, the connection queues fill up with bad connections, and service is denied to legitimate users.
Stacheldraht
478
is a program that can be used to perpetrate several different DDoS attacks
A DNS amplification attack
479
A DNS amplification attack is a form of reflection attack. The attacker spoofs look-up requests to domain name system (DNS) servers to hide the source of the exploit and direct the response to the target.
NTP reflection attack:
479
The attacker and his bots send a small spoofed 8-byte UDP packet to NTP servers that requests a large amount of data to be sent to the target IP.
The NTP attack can be prevented using which version of NTP?
479
version 4.2.7
ARP cache poisoning
480
The cache can be poisoned by pinging a device with an incorrect IP address.
Brute Force:
482
is a form of a password attack
How do you prevent a brute force attack?
482
Setting an account lockout policy that locks the account after a number of failed attempts.
VLAN hopping
482
a method of attacking networked resources on a Virtual LAN (VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
what is Double tagging?
482
Double tagging is a method that involves tagging transmitted frames with two 802.1Q headers; one of the headers is used for the victim switch and the other is used for the attacker's switch.