Replay Attack Flashcards

1
Q

Replay Attack

A

Information transmitted over a network such as login information is copied/captured and used to grant the attacker access. This is not an on-path (man in the middle) attack because they can replay the information later. It does not require the original workstation or be on the network.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Pass the hash

A

Attacker captures authentication info (user name/pass) Users can protect themselves by salting their authentication or using encryption.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Cookies

A

Information stored on your computer by the browser. Used for tracking, personalization, session management. Not a security risk unless an attacker gets access to them. Session ID’s are often stored in cookies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Session Hijacking (Sidejacking)

A

When a client first connects to a server, it is granted a session ID. If the attacker gains access to the session ID, they can directly connect to the server without needing to authenticate via user name and password. Stay protected by using SSL or TLS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Header Manipulation

A

User information is gathered via Wireshark or Kismet programs (user ID/pass) from network, or exploits such as Cross-site scripting (session ID) from the server. Attacker modifies headers by third party utilities or modifying their own cookies to make them look like they originate from the compromised user.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How do you prevent session hijacking?

A

Encryption - Attackers cant steal information they cant read/see. Use HTTPS or TLS. Firefox extensions force HTTPS or TLS. Many sites are HTTPS only. Personal VPN’s encrypt data to prevent information gathering.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly