Replay Attacks 2.4 Flashcards

1
Q

Replay Attacks

A
  • Attempts to recreate the conditions under which the sequence of events occurred.
  • Attacker replays the data to appear as the victim or someone else.
  • Not an On-Path Attack
2
Q

Methods to Perform a Replay Attack

A
  • Network tapping
  • ARP poisoning
  • Place malware on the computer
3
Q

Pass the Hash

A
  • Attacker captures the hash used to authenticate a process.
  • The hash is injected into a process in place of the password.
4
Q

Avoiding “Pass The Hash”

A
  • Use salt or encryption
  • Session ID
5
Q

Cookies

A
  • Text files sent with every request to a website
  • Used for tracking, personalization, session management
6
Q

Security Risks of Cookies

A
  • Contains lots of user information and personal data
7
Q

Session Hijacking

A
  • Also known as Sidejacking
  • Attack against the communication session
  • Injects packets into the middle of the communication session.
8
Q

Session ID

A
  • A unique ID provided by the server to identify a user’s session upon accessing the system.
  • Contained within the headers that are sent back and forth between each system.
9
Q

Header Manipulation Methods

A
  • Information gathering: Wireshark, Kismet
  • Exploits such as Cross-site scripting
  • Modifying headers
  • Modifying cookies
10
Q

Preventing Session Hijacking

A
  • Encrypt end-to-end: Encrypting from the device to the server/system
  • Encrypt end-to-somewhere: Partial encryption