Deck A Prt. 2 Flashcards
PGP Encryption
Is a type of Encryption that can be used on emails such that receivers public key can be used to encrypt the email message on the senders side.
Password Salting
Is a common countermeasure to protect against rainbow table attacks.
Port 48101
Is a common port that used for IOT Devices, and this is the port to block first in case you are suspicious that an IoT Device has ben compromised
Quid Pro Quo
Latin Phrase that meaning “Something for something” in this technique attackers keep calling random numbers within a company claiming to be calling from technical support this is a Baiting Technique where attackers offer their service to end users in exchange of confidential data or login credentials.
Remediation
Is the process of applying fixes on vulnerable systems to reduce teh impact and serverity of Vulnerabilites.
Replay Attack
Attacker records the Frequency required to share information between connected IoT Devices. After obtaining the frequency Attacker captures the original DATA when commands are initiated by the connected devices. Once the original data is collected Attacker uses Free Tools such as URH(Universal Radio Hacker) to segregate the command sequence and Injects those on the same frequency into the IoT Network with a goal to capture the signals of the IoT devices. This Replays the commands or captured signals of the Devices.
Robots.txt
Is a FILE that hackers like to Capture that allows them to discover the Structured of a Targe Website during Web Server Footprinting. A website Owner Creates a robots.txt file to list the files or directories a web crawler should index for providing search results. Poorly Written robots.txt files can cause the complete indexing of website files and directories. If confidential Files and Directories are indexed, and attacker may easily OBTAIN Information such as Passwords, Email Addresses, Hidden Links, Membership Areas. An attacker can also download the robots.txt file of a targe website using the Wget Tool.
SNMP
Simple Network Management Protocol that sends Unencrypted Traffic though port UDP 161. It is Recommended to use SNMPv3 which is secure and fully encrypted.
STP Attack
Spanning Tree Protocol is a Layer 2 Attack in which the Attacker install an UNAUTHORIZED Rogue Switch to an unused port in the LAN with apriority lower than any other switch in the network so that he can make it into a ROOT Bridge so he can start SNIFFING and Capturing all the traffic in the Network.
SaaS
Is a CLOUD MODEL where the customer themselves are responsible for Management of user Accounts. The provider takes care of the Hardware, Operating System, & Software Administration
SSRF Attack
Server Side Request Forgery Attack THAT is Used to Obtain a Remote FEED and attacker can change the URL input to the local Hosts to View all the Local Resources on the Targe Server.
Session Fixation Attack
A Technique where the Attacker First Fetches a Valid Session ID by logging into a service and later feeds the same Session ID to the Targe Employee. The Session ID ends up linking the Targe Employee to Attackers Account Page without disclosing any information to the victim. As soon as the victim clicks on the link, it links the SENSITIVE Payment details from the victims account to Attacker Account.
Slowloris Attack
Attack in which partial HTTP Requests are sent to the Web Infrastructure or Applications. Upon receiving a partial request, the Targe servers allow multiple connections and keeps waiting for the requests to complete causing the server to crash.
TCP Mailmon Scan
IS A PORT Scanning Technique in which the attacker Sends FIN/ACK probes and determines that an RST Packet is sent in response by the Targe Hosts, so they know that the Targe port is Closed
TPM
Trusted Platform Module Is a Special Chip on the Motherboard of a server that generates Encryption Keys to and Prevents Decryption of the DISK of one Server on Another Random Hardware.