Network Attacks Flashcards
What is a DNS Poisoning attack?
The act of entering false information into a DNS cache, so that DNS queries return an incorrect response and users are directed to the wrong websites. Also known as DNS spoofing.
What is a DNS Hijacking attack?
A type of DNS attack in which DNS queries are incorrectly resolved in order to unexpectedly redirect users to malicious sites.
What is a Domain Hijacking attack?
A type of attack in which someone takes over a domain, often through social engineering.
What does Address Resolution Protocol (ARP) do?
ARP sits between the Network and Data layers, translating between the two of them. It translates from MAC to IP.
What is ARP Poisoning?
A type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table.
What is MAC Cloning?
When a bad actor spoofs the MAC address of another system to intercept traffic intended for that computer.
What is MAC Flooding?
When a bad actor floods a switch with bogus MAC addresses. As a result, the MAC address table begins to fill. The switch then fail-opens, which essentially turns it into a hub. A bad actor can now sniff out any packets they want.
What is a Denial of Service (DoS) attack?
An attack that is meant to shut down a machine or network, making it inaccessible to its intended users.
What is a Distributed Denial of Service (DDoS) attack?
An attack against a network or website using many PCs. It often includes a botnet.
What are the three types of DDoS attacks?
Reflected DDoS, Amplified DDoS, and Coordinated DDoS.
What is a Reflected DDoS?
A DDoS attack in which a service request is created using the spoofed IP address of the target. These requests to something like a time server are routed to the target to overwhelm it.
What is an Amplified DDoS?
A DDoS attack in which a service request is created using the spoofed IP address of the target. The service request asks for an increased payload to overwhelm the target.
What is a Coordinated DDoS?
A DDoS attack in which multiple attackers are attempting to bring the target offline.
What is a Man-in-the-Middle attack?
An attacker captures traffic between an authorized user and a user. They can play that traffic back to the server later to gain access to some kind of resource.
What is a Man-in-the-Browser attack?
A form of man-in-the-middle attack where an attacker is able to insert himself into the communications channel between two trusting parties by compromising a Web browser used by one of the parties, for the purpose of eavesdropping, data theft and/or session tampering.
What is a Rogue Access Point attack?
A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator, whether added by a well-meaning employee or by a malicious attacker. It is an illegitimate access point plugged into a network to create a bypass from outside into the legitimate network.
What is an Evil Twin?
A fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. It is a copy of a legitimate access point and can scrape credentials or reroute users to malicious websites.
What is a Disassociation Attack?
A type of DoS attack in which the attacker breaks the wireless connection between the victim device and the access point.
What is an Initialization Vector?
Extra data tied to encryption to make it harder to spot similarities between packets that have been encrypted. It is random.
What is an Initialization Vector Attack?
An attack that is focused on the initialization vector.
What is a Radio Frequency Identifier (RFID) attack?
An attack that uses middleware to intercept data sent between an RFID device and an RFID reader. It can be used for either cloning or spoofing.
What is a Near Field Communication (NFC) attack?
A device is placed that pulls data from an NFC device. It can be used to modify data or eavesdrop.
What is Jamming?
Interrupting wireless (typically 2.4 GHz) signals, whether intentionally or unintentionally.
What is Bluejacking?
When someone pulls data from an active Bluetooth connection.
What is Bluesnarfing?
When someone puts data in an active Bluetooth connection in an unauthorized manner.