Chapter 5 - Networking And Server Attacks Flashcards
2 types of networking-based attacks
1) interception attacks
2) poisoning attacks
3 of the most common interception attacks
1) Man-in-the-Middle (MITM)
2) Man-in-the-Browser (MITB)
3) Replay
Man-in-the-Middle (MITM)
An attack that intercepts legitimate communication and forges a fictitious response to the sender.
Man-in-the-Browser
An attack that intercepts communication between a browser and the underlying computer.
Replay attack
An attack that makes a copy of the transmission before sending it to the recipient.
ARP poisoning
An attack that corrupts the ARP cache.
MAC spoofing
Imitating another computer by means of changing the MAC address.
DNS poisoning
An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device.
Some types of server attacks
1) Denial of service
2) Web server application attacks
3) Hijacking
4) Overflow attacks
5) Advertising attacks
6) Exploiting browser vulnerabilities
Denial of service (DoS)
An attack that attempts to prevent a system from performing its normal functions by overwhelming the system with requests.
Distributed denial of service (DDoS)
An attack that uses many computers to perform a DoS attack.
2 types of web server application attacks
1) cross-site attacks
2) injection attacks
2 types of cross-site attacks
1) cross-site scripting (XSS)
2) cross-site request forgery (XSRF)
Cross-site scripting (XSS)
An attack that injects scripts into a web application server to direct attacks at clients.
Cross-site request forgery (XSRF)
An attack that uses the user's web browser settings to impersonate that user.