keywords for ports and malware Flashcards
HTTP
Port and meaning
Port 80
Hypertext transfer protocol
converts IP addresses into URLs and sends them off for the user to connect to.
HTTPS
Port 443
Hypertext Transfer Protocol Secure
(encrypted)
FTP
file transfer protocol
20/21
uses 2 ports and connections (one for communications monitoring, and one for the actual file transfer)
POP3
Post Office Protocol version 3
fetching mail by network…not downloading
110
SMTP
simple mail transfer protocol
sending mail
25
IMAP
internet mail access protocol
accessing mail by downloading
143
port
determines the entry way into a network, and which protocol to use.
firewall
can be digital or physical
prevents access from outside users into the network; also contacts a proxy server when connecting to a server so as to hide your info from listeners.
OSI
the seven layer conceptual model for TCP/IP.
TCP/IP
Transmission control protocol/Internet protocol.
rules for conversing with other networks.
Proxy servers
A fake network used to confuse people that aren’t part of the conversation between actual networks.
servers
A central point of a network that can store files and hold the ports for a network too.
ip address
The general location or name of a server; however, it is converted to a URL for easy understanding by humans.
internal threats
Threats that come from within the business itself.
external threats
threats that come from outside of a business like malware.
anti malware
uses many methods to protect the device from malware. Not preventative like a firewall.
trojan
disguises as a legitimate program, but actually contains malware
rootkit
malware that attempts to gain admin rights on a network when it shouldn't.
bot
A bunch of fake users that can be designed to create DDOS attacks on a server; can be used for good as well.
DDOS
Denial Of Service attacks prevent a network or server from working by overloading it with instructions by using bots.
virus
destroys, replicates or changes files on the system, reproduces on the files themselves, executed by an unknowing user.
worm
Like a virus, however it replicates on the network, and affects the network.
adware
overloads your computer with annoying pop-ups that entice the user to download something, which is often a virus itself.
ransomware
Encrypts all data on a drive and makes the user pay a ransom (often in bitcoin because it's untraceable) to get the encryption key to get their data back.
sandbox
An isolated area on a network or computer that is used to test what a program does if it’s suspicious; if it is malware, it is removed from the system.
signature analysis
analyses the hash of a code, this is shorter but malware can get away if their hash (shortened code) is close to a legitimate program’s.
behaviour analysis
uses a sandbox to test what a program does…if malicious then it deletes the program.
heuristic analysis
A slow process, but it scans the entire code of a program to see if any of it is malicious.
zero day attack
companies often roll out patches on a day of the week; hackers will often wait until this day so that they announce what the vulnerabilities are, then attack them. This is why updates should be applied almost immediately.
attack vectors
attack surface
attack vectors are the entry ways that a hacker or malware can get in, they are the “cause” of an attack.
the attack surface is all of the attack vectors combined.