Network Attacks Flashcards
Denial of Service (DoS) Attack
Occurs when one machine continually floods a victim with requests for services
TCP SYN Flood
Occurs when an attacker initiates multiple TCP sessions, but never
completes them
Smurf Attack (ICMP Flood)
▪ Occurs when an attacker sends a ping to a subnet broadcast address with
the source IP spoofed to be that of the victim server
Distributed Denial of Service (DDoS) Attack
▪ Occurs when an attacker uses multiple computers to ask for access to the
same server at the same time
● Botnet
o A collection of compromised computers under the control
of a master node
● Zombie
o Any of the individually compromised computers
On-Path/ Man-in-the-Middle (MITM) Attack
Occurs when an attacker puts themselves between the victim and the
intended destination
Session Hijacking
Occurs when an attacker guesses the session ID that is in use between a
client and a server and takes over the authenticated session
DNS Poisoning
Occurs when an attacker manipulates known vulnerabilities within the
DNS to reroute traffic from one site to a fake version of that site
DNSSEC
Uses encrypted digital signatures when passing DNS information between
servers to help protect it from poisoning
▪ Ensure server has the latest security patches and updates
Rogue DHCP Server
A DHCP server on a network which is not under the administrative
control of the network administrators
Spoofing
Occurs when an attacker masquerades as another person by falsifying
their identity
IP Spoofing
Modifying the source address of an IP packet to hide the identity of the
sender or impersonate another client
▪ IP spoofing is focused at Layer 3 of the OSI model
MAC Spoofing
Changing the MAC address to pretend the use of a different network
interface card or device
MAC Filtering
Relies on a list of all known and authorized MAC addresses
ARP Spoofing
Sending falsified ARP messages over a local area network
▪ ARP spoofing attack can be used as a precursor to other attacks
▪ Set up good VLAN segmentation within your network
VLAN Hopping
Ability to send traffic from one VLAN into another, bypassing the VLAN
segmentation you have configured within your Layer 2 networks