Security Flashcards
War Driving
When people seek out unsecured networks by using sniffer hardware and cruising neighborhoods.
War Chalking
Marks made indicating open Wi-Fi signal.
Rogue Access Points
Unauthorized WAPs
WIPS: Wireless Intrusion Prevention System
Evil Twin
WAP that has an SSID very similar to that of a legit WAP. People who log in have their keystrokes recorded. Basically wireless phishing.
Need for Mutual Authentication
* LEAP
* PEAP
Man in the Middle Attack
Eavesdropping vulnerability (sniffer)
Most common threat of wireless networks
Person inserts himself into a conversation between two others, covertly intercepting traffic thought to be private.
Virus
Replicate & Activate
Needs human action to spread
Does not replicate across networks, just drives
Worm
Replicates exclusively through networks
Does not need human action. If the infected computer is on a network it will immediately start sending copies of itself to any other computers on the network it can locate. Works similarly to a virus
Macro
Any type of virus that exploits application macros to replicate and activate. A macro is also programming within an application that controls aspects of that application.
Trojan
Looks like or pretends it is doing one thing while really it’s doing something evil. Examples: a game or free screensaver; it may even turn a computer into a server and then open TCP/UDP so a remote user can control the computer.
DO NOT REPLICATE
Rootkit
A Trojan that hides in low-level OS functions
Gains privileged access to the computer.
Adware
Monitors the types of websites you frequent
Uses that information to generate targeted advertisements, usually pop-up windows
Not bad by definition, but tries to get you to access ads with more evil malware.
Spyware
Any program that sends info about your system or your actions over the internet: browsing history, keystrokes, contacts, etc. Sometimes bundled with other software or ads to make them look innocent. Adware can contain spyware.
DoS Attack
Denial of Service Attack
Hackers - only interest is bringing network down
Flood network with so many requests that it becomes overwhelmed and stops functioning
Smurf Attack
Type of DoS attack in which the attacker floods networks with ping packets sent to the broadcast address.
Broadcast pings sent to the victim
Return address of pings is spoofed to be that of the intended victim. When computers on the network respond to the initial ping, the response goes to the victim. Thus the effect is amplified on larger networks.
DDoS Attack
Distributed Denial of Service Attack
Uses multiple computers under control of a single operator to launch attack. Use malware to take control of the computers used. A single computer under their control = zombie. A group of computers under their control = botnet.
RADIUS
Remote Authentication Dial In User Service
Enables remote users to connect to a network service
Provides authentication through username/password
Enables you to set a user’s rights once in the network
Supplicant > NAS > RADIUS server > Access to network resources granted
EAP
Extensible Authentication Protocol
Used in conjunction with the 802.1X protocol to provide robust authentication possibilities
Smart cards, certificates, Kerberos, and biometric schemes like retinal scans and fingerprint and voice recognition.
WEP
Wired Equivalent Privacy
RC4
64 or 128 bit encryption
WPA
Wi-Fi Protected Access
TKIP (Temporal Key Integrity Protocol)
128 bit encryption key
WPA2
Wi-Fi Protected Access 2
AES (Advanced Encryption Access 2)
128 bit block cipher
If using RADIUS with WPA2 = WPA2 Enterprise
Kerberos
Centralized Authentication within a realm
Three components:
* Client
* Server
* Authentication Server (KDC)
Services provided:
* Single sign-on (SSO)
* Mutual authentication
* Protects authentication credentials by using symmetric encryption
SSH
Uses 3DES to encrypt all data between two machines.