Network Security Attacks Flashcards

1
Q

What are the Areas of Network Vulnerability

A

Ports
Routers
Servers
Communication Channels

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are Port Scanning attacks

A

A process which checks which ports are open and which are open, and listen to data arriving and leaving the port.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Name 3 Types of Port Scanning:

A

Vanilla
Scanner tries to connect to all I/O ports.

Strobe
Specialized scan looking for specific services.

Stealth Scanning
Fragmented packets can sometimes make it through filters in the firewall.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are Router attacks and give an example

A

Router attacks can take advantage of vulnerabilities in protocols, inconsistencies in router software and weak authentication.

Wardriving - Drive around a neighbourhood to try and find unprotected wifi hotspots.

Physical Access to the router

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Name 3 Denial Of Service (DOS) attacks

A

Bandwidth flood
Service request flood
SYN flood

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

describe a SYN flood attack

A

SYN are the synchronization packets used in TCP connections.
SYN flood attacks exploit the 3 way handshake for TCP connections, by sending multiple SYN packets to the destination, but never replying to the acknowledgement received.
This means the server will assume the acknowledgements did not arrive, thus will resend them again and again.

If packets are seen by the server as being lost, depending on the protocol in use, the system might even slow down if it thinks the network is congested (due to the packet loss). This will further slow down the system, increasing the effect of the DOS attack.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Name 3 aspects of Distributed Denial of Service (DDOS) attacks

A

Bot - A type of malicious software that gives the attacker full control over the computer.

Zombie - An internet connected computer infected with Bot.

Botnet- A collection of Zombies that together can be used to perform a DDOS attack.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Packet Sniffing

A

The attacker can snoop through packets going through the network.

Can overload switches and put them in a “promiscuous mode”.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Man in the Middle (MITM) attacks

A

The attacker intercepts the network communication from the server and the clients.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Spoofing attacks

A

ARP maps IP addresses to MAC addresses

In a spoofing attack, the attacker will map the IP address of the victim to their MAC address. This will redirect packets that were meant for the victim, to be delivered to the attacker instead.

In a LAN - Address Resolution Protocol

On the internet - DNS Protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Replay attack

A

Attacker “replays” a stream of communication to one of the parties.

This can be done for example to retrieve the password and username from the user, by “replaying” the communication that pertained to log in details.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly