Protecting Your Network Flashcards
DNS Poisoning
In DNS cache poisoning, an attacker targets a DNS server and gets it to query an evil DNS server instead of the correct one. The DNS server will cache that spoofed information, spreading it to hosts and possibly other servers.
Zero-Day Attacks
New attacks using vulnerabilities that haven’t yet been identified (and fixed) are called zero-day attacks.
Amplified DoS Attack
The aspect of a DoS attack that makes a server do a lot of processing and responding is called amplification; thus the term for this attack is an amplified DoS attack.
Deauthentication (deauth) attack
A form of DoS attack that targets 802.11 networks specifically by sending out a frame that kicks a wireless client off its current WAP connection.
Session Hijacking
The interception of a valid computer session to get authentication information.
Virus
A virus only replicates to other applications on a device or to other drives, such as flash drives or optical media. It does not replicate across networks. A virus needs human interaction to spread.
Worm
Replicates exclusively through networks. Unlike a virus, a worm doesn’t require human interaction to spread. If the infected computer is on a network, it will immediately start sending copies of itself to any other computers it can locate on the network. Worms, unlike viruses, do not need host files to infect.
Macro
Any type of virus that exploits application macros to replicate and activate.
Rootkit
A Trojan horse that takes advantage of very low-level operating system functions to hide itself from all but the most aggressive of anti-malware tools.
Phishing
A social engineering technique where the attacker poses as a trusted source in order to obtain sensitive information.
Locks computer
WINDOWS KEY + L – Windows
CTRL + ALT + L – Linux
TEMPEST
Developed by the NSA to combat RF emanation, TEMPEST defines how to shield systems and manifests in a number of different products.
NAC
Network Access Control or Network Admission Control: a standardized approach to verify that a node meets certain criteria before it is allowed to connect to a network.
Device Hardening
- Change default credentials
- Keep devices up to date
- Disable unnecessary services
- Use secure protocols
- Disable unused ports
DAI
Dynamic ARP Inspection: Designed to prevent ARP cache poisoning. A technology in switches that keeps track of ARP information, compiling a list of known good, identifiable IP and MAC addresses.