Securing Individual Systems Flashcards
Phishing
Unsolicited emails that typically request info
Spear phishing
Similar to phishing but it uses details it knows about you to look legit
Snapshot
System image
What does rollback refer to?
Small part of a system
Ex: rolling back a driver or app version
DOS
-Attacks can be broadly broken down into volumetric, protocol, and application attacks
Denial of Service
What is session hijacking?
Two clients talking to each other and you get in the middle of them in real time - Like MIM but real time during their session
ex: FireSheep
What is an application attack?
-Also known as a slow loris attack
Client initiates communication with server but then stops replying over and over
Vishing
Voice based solicitations requesting info about you
Live Boot Media
Ex: Ubuntu disk being able to boot up with a runnable version
- Example of non-persistence
- Persistence would be actually installing it
MIM
- 3rd party intercepting between a two party conversation
- Uses information to the third party’s advantage
Man-in-the-Middle
Domain Jacking
Waiting for someone's domain contract to end and buying their website name to change it and try to resell it back
What is a botnet?
Group of computers with malware on them that can be controlled by one computer
Elasticity
Able to scale up temporarily to handle more traffic
What is a volumetric attack?
Pings or UDP packets being sent to the server in large amounts without giving the server time to respond
Distributive Allocations
Have backups in different locations
Non-Persistence
Being able to go back to a known state - data that is collected but will not be saved on restart
DDOS
-Uses multiple systems to attack a single host
Distributed Denial of Service
Type of attack where you use a username and password hash to enter it as the user without having to even crack it
Replay Attack
Sending malicious ARP packets to default gateway
-this can change the ARP to think you are a different computer on the network
ARP Poisoning or ARP Spoofing
Spim
Phishing but in instant messenger services
What is Ettercap?
A spoofing tool
Typo Squatting
Making a website close to another in hopes people will mistype and end up on yours
ex: www.gogle.com
What is a protocol attack?
SYN flood / TCP SYN attack
-floods server with SYN requests
Type of attack where you act as a client to downgrade encryption to a web server
Downgrade Attack
What is an Amplification Attack?
-Smurf Attack
Attacker spoofs website IP address and sends out broadcast to network - networks all start replying back to target - this generates a lot of packets being sent around to network just by sending one packet in
Using fake information to fool someone
ex: making your IP address appear to be someone else's so that another computer will trust you
Spoofing
Denial of service attack is what?
Prevents others from accessing a system
Privilege Escalation
Getting enough privilege to do something that can cause damage