Network exploits and attacks

Question 1

Name 6 network attacks

Answer 1

Wiretapping/eavesdropping, replay, packet interception, address/name spoofing, denial of service, distributed denial of service

Question 2

Describe wiretapping/eavesdropping

Answer 2

Making a copy of packets as they traverse a network in order to obtain information

Question 3

Describe replay

Answer 3

Sending of packets captured from previous session

Question 4

Describe packet interception

Answer 4

Removing a packet from the Internet which allows substitution and man-in-the-middle attacks (an intermediary can modify packets as they pass from source to destination)

Question 5

Describe address or name spoofing

Answer 5

Impersonating a trusted host in order to intercept packets or have malicious packets accepted for processing, an attacker may:
Fake the IP source address in a datagram, get a DNS server to store the attacker’s IP address against a web site’s domain, send fake routing packets so that routers send traffic to a device at attacker controls

Question 6

Describe denial of service

Answer 6

Flooding a site (usually a web server) with packets to prevent the site from successfully conducting normal business

Question 7

Describe distributed denial of service

Answer 7

The attacker coordinates a large set of hosts throughout the Internet (e.g. a botnet) to send a stream of packets to the same server