Communications and Network Flashcards
Directory traversal
Directory traversal is an HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server’s root directory.
FQDN
Fully Qualified Domain Name
Class of IP address
Class A - 1 to 127
Class B - 128 to 191
Class C - 192 to 223
Class D - 224 to 239
PPP and SLIP
The Point-to-Point Protocol (PPP) is an encapsulation protocol designed to support the transmission of IP traffic over dial-up or point-to-point links. PPP includes a wide range of communication services, including assignment and management of IP addresses, management of synchronous communications, standardized encapsulation, multiplexing, link configuration, link quality testing, error detection, and feature or option negotiation (such as compression). PPP was originally designed to support CHAP and PAP for authentication. However, recent versions of PPP also support MS-CHAP, EAP, and SPAP. PPP replaced Serial Line Internet Protocol (SLIP). SLIP offered no authentication, supported only half-duplex communications, had no error-detection capabilities, and required manual link establishment and teardown.
CHAP
Uses MD5 challenge
ICMP Message Reject and Drop
Reject allows failed traffic to create an ICMP error message and return it to the sending device.
Drop silently discards any traffic that is not allowed into the network or that creates an ICMP error message.
Ethernet
Baseband Technology
Star or Bus Topology
DSL, Cable Modem, cable TV
Broadband
Anycast
Anycast addressing routes datagrams to a single member of a group of potential receivers that are all identified by the same destination address. This is a one-to-nearest association.
Broadcast addressing uses a one-to-many association; datagrams are routed from a single sender to multiple endpoints simultaneously in a single transmission. The network automatically replicates datagrams as needed for all network segments (links) that contain an eligible receiver.
Multicast addressing uses a one-to-unique many association; datagrams are routed from a single sender to multiple selected endpoints simultaneously in a single transmission.
Unicast addressing uses a one-to-one association between destination address and network endpoint: each destination address uniquely identifies a single receiver endpoint.
Geocast refers to the delivery of information to a group of destinations in a network identified by their geographical locations. It is a specialized form of Multicast addressing used by some routing protocols for mobile ad hoc networks.
WAN
Digital Data Service - Circuit Switch
Frame Relay, X.25, ATM - Packet Switch
APIPA Automatic Private IP Addressing
Automatic address scheme when no address server is found or if DHCP fails
169.254.0.1 to 169.254.255.254 with Class B subnet mask
Port Spanning
Allows one port to see another port’s traffic
Ethernet switch
Performs physical segmentation and not logical segmentation
Types of attacks to overcome the segmentation of a switch
1) Flooding - Process of sending large amounts of traffic into the network. Flood with MAC addresses and the switch will act as a hub.
2) ARP Poisoning.
Wormhole attack
The attacking node captures the packets from one location and transmits them to another distantly located node, which distributes them locally.
Blackhole Attack
destination when data is sent to a nonexistent receiver
Tunneling Attack
Method to move the data between attackers
Out-of-band attack
Was a DoS attack against Windows 95 and Windows for Workgroups
IPSec Transport adjacency
More than one security protocol (AH and ESP) is used in a VPN tunnel.
IPSec Internal Tunneling
Used if traffic needs different levels of protection at different junctions of its path. For internal needs only AH but for external needs ESP
Is a modem asynchronous?
Yes. Transmitted data can travel at any time, can be any length, and uses stop and start delimiters.
Wireless Application Protocol
Wireless Application Protocol (WAP) was designed to meet the needs of a variety of wireless devices.
Class 1 is anonymous authentication,
Class 2 is server authentication
Class 3 is two-way client/server authentication.
One of the WAP protocols - WTLS (Wireless Transport Layer Security)
Exterior Routing Protocol
BGP
Interior Routing Protocol
OSPF, RIP
TSIG - Transaction Signature
Used primarily by the Domain Name System (DNS) to provide a means of authenticating updates to a DNS database. It is most commonly used to update Dynamic DNS or a secondary/slave DNS server.
Bluejacking
Transmits an SMS-like message to the phone
Bluesnarfing
Connects with a device via Bluetooth without the owner's knowledge and extracts information
Bluebugging
Gives hackers remote control over the phone
Application Proxy
Make decision based on protocol command structure and understand the granularity of protocol
Circuit proxy
Make decisions based on the header information
Metro Ethernet - MAN Protocol
Access Layer - Connects customer network to SP’s aggregation network
Aggregation Layer - Occurs on distribution network
Metro Layer - Is the Metropolitan Area Network
Core Layer - Connects different Metro networks
DHCP Snooping
Ensures that DHCP servers can assign IP addresses to only selected systems, identified by their MAC addresses.
SYN Flood
Half open DOS attack
DNSSEC - DNS Security Exchange
If DNSSEC were enabled on a DNS server, then the server would, upon receiving a response, validate the digital signature on the message before accepting the information to make sure that the response is from an authorized DNS server.
Email - Sender Policy Framework - SPF
Sender Policy Framework (SPF) is an e-mail validation system designed to prevent spam and malicious e-mail by detecting e-mail spoofing. Attackers commonly spoof e-mail addresses to try to fool the receiver into thinking that the message came from a known and trusted source. SPF allows network administrators to specify which hosts are allowed to send mail from a given domain by implementing an SPF record in the Domain Name System (DNS).
Socket
When a TCP or UDP message is formed, a source and a destination port are contained within the header information along with the source and destination IP addresses. This makes up a socket, which is how packets know where to go (by the address) and how to communicate with the right service or protocol on the other computer (by the port number).
VPN Tunneling Protocol for dial up
PPTP
DNS Spoofing - Recursive and Iterative query
In a recursive query the DNS server often forwards the query to another server and returns the inquirer the proper response. In an iterative query, the DNS server responds with an address for another DNS server that might be able to answer the question, and the client then proceeds to ask the new DNS server. Attackers use recursive queries to poison the cache of a DNS server. In this manner, attackers can point systems to a web site that they control and that contains malware or some other form of attack. Here’s how it works: An attacker sends a recursive query to a victim DNS server asking for the IP address of the domain www.logicalsecurity.com. The DNS server forwards the query to another DNS server. However, before the other DNS server responds, the attacker injects his own IP address. The victim server accepts the IP address and stores it in its cache for a specific period of time. The next time a system queries the server to resolve www.logicalsecurity.com to its IP address, the server will direct users to the attacker’s IP address. This is called DNS spoofing or DNS poisoning.
Cybersquatting
Cybersquatting occurs when an attacker purchases a well-known brand or company name, or variation thereof, as a domain name with the goal of selling it to the rightful owner. In the meantime, the company can be misrepresented to the public.
ISDN PRI Primary Rate interface
2 to 23 B channel
One 64kbps D channel
193 to 1544 Kbps
Ethernet
Transmits timing info with a preamble of 1s and 0s.
Uses CSMA/CD
ARP requests never leave the broadcast domain and never pass a router.
True or False
True
IP protocol field value
ICMP 0x01
TCP 0x06
UDP 0x11
IGRP 0x58
Types of XSS Vulnerability
Persistent or second order
Non Persistent or Reflected
DOM based
Persistent or second order XSS vulnerability
Targets web sites that allow users to input data that is stored in a database.
CM: Secure Programming practices
Non Persistent or reflected XSS Vulnerability
Attacker tricks the victim into opening a URL programmed with a rogue script to steal the victim’s sensitive information, such as a cookie or session ID
DOM - Document Object Model (DOM) Based XSS Vulnerability
Modify the original client-side JavaScript. This causes the victim’s browser to execute the resulting abusive JavaScript code. Thus, cross-site attacks can be used to exploit vulnerabilities in the victim’s web browser. Once the system is successfully compromised by the attacker, he may further penetrate into other systems on the network or execute scripts that may spread through the internal network.
CM:
Disable scripting language support in the browser.
Content filtering proxy servers
Virtual Firewall - Bridge mode
Monitor individual traffic links between virtual machines, or they can be integrated within the hypervisor of a virtualized environment
Virtual Firewall - Hypervisor Mode
The hypervisor is the software component that carries out virtual machine management and oversees guest system software execution. If the firewall is embedded within the hypervisor, then it can “see” and monitor all the activities taking place within the host system.