Module2: Denial of Service and Social Engineering

Question 1

Why are DoS attack considered so ‘nasty’?

Answer 1

• One of the easiest attacks to launch
• Hard to trace the attacker
• Solving the attack often involves shutting down the service - self DoS

Question 2

What are the two types of DoS attacks?

Answer 2

• Flooding DoS attack

- Logic DoS attack

Question 3

What is a flooding DoS attack?

Answer 3

Flood of real-looking but unnecessary data so that its resources are consumed.

Question 4

What is a logic DoS attack?

Answer 4

Exploit the vulnerabilities of the target intelligently

Question 5

What are the 10 types of DoS attacks?

Answer 5

• ping Flood
• TCP/SYN attack
• Land attack
• Other TCP attacks
• Tear drop attack
• Ping of death
• Smurf attack
• UDP Flood
• HTTP verb attacks
• SSL-based DDoS attacks
• Botnet based DDoS attack

Question 6

What is a DoS ping attack?

Answer 6

Send large ‘pings’ to a server non-stop

Question 7

What is a DoS TCP-SYN attack?

Answer 7

Victim is flooded with spoofed TCP SYN requests

Question 8

What is a DoS Land attack?

Answer 8

Attacker sends a TCP SYN segment that has been tweaked so that the source IP address and the destination IP address are both that of the victim machine.

Question 9

What is a DoS tear drop attack?

Answer 9

An attacker repeatedly fragments IP packets, sends all but one packet to the destination.

Question 10

What is a DoS ping of death attack?

Answer 10

Fragmented ping packet - breaks several systems vulnerable to this attack.

Question 11

What is a DoS smurf attack?

Answer 11

ICMP echoes on a network are redirected to the victims host. The ICMP echo was tweaked with source IP = the victims IP.

Question 12

What is a DoS UDP flood?

Answer 12

Spams all ports with UDP requests for ICMPs

Question 13

What is a DoS HTTP Verb attack?

Answer 13

Make several get requests from a single page

Question 14

What is a DoS SSL-based attack?

Answer 14

• SSL connections are heavy

- Make several requests to high-load sections of the website

Question 15

What is a DoS botnet attack?

Answer 15

Deploy a botnet to attack a host with a SYN attack - Mirai is an example.

Question 16

How can you prevent DoS attacks?

Answer 16

• Block invalid requests
• Whitelist IP addresses
• CAPTCHA
• Match incoming requests (counter-attack)
• Backup
• DDoS protective service
• Redundancy

Question 17

What are the four social engineering ‘tricks’?

Answer 17

• Impersonation
• Ingratiation (appeal to vanity)
• Diffusion of responsibility (convince that information has been given by other people in the company)
• Plain old friendliness (appeal to the helpful nature)

Question 18

What is dumpster diving?

Answer 18

Collect information from company’s trash.

Question 19

What is social engineering by phone?

Answer 19

Call up and imitate someone.

Question 20

What is shoulder surfing?

Answer 20

Watch over your shoulder and get information.

Question 21

What is baiting?

Answer 21

Send legit email - get user’s information

Question 22

What is phishing?

Answer 22

Legit looking email to extract information from user

Question 23

What is pharming

Answer 23

altering DNS poisoning

Question 24

What is phlashing?

Answer 24

Permanent DoS

Question 25

What is reverse social engineering?

Answer 25

Get the victim to contact the attacker

Question 26

How can you mitigate social engineering attacks?

Answer 26

• Education

- Policies