T5

Question 1

Pharming Attack

Answer 1

Manipulating web traffic to redirect users to a fake website

Question 2

Primary goal of a pharming attack

Answer 2

Steal sensitive information like usernames, passwords, payment details, using fake logins and payment forms.

Question 3

Why is it calling pharming?

Answer 3

phishing (tricking into stealing info) + farming (hurding animals, passive redirects!)

Different rom phising because user can type a correct URL and still get brought to fake site!

Question 4

Two approaches for Attacking HTTP (Pharming)

Answer 4

1. Network-wide operation
2. Single host

Question 5

Network-wide http attack strategies

Answer 5

1. Rogue DHCP server to provide fake DNS settings
2. Packet manipulation by altering traffic destinations with tools loke iptables

Question 6

Single host http attack techniques

Answer 6

1. Edit /etc/hosts file
2. Manipulate DNS settings in router or device to point to fake server

Question 7

HTTPS attack strategies (pharming)

Answer 7

1. Forging TLS certificate
2. Add new fake CA Authority/certificate to specific browsers list of trusted certificates

Question 8

What must you do if a CA’s private key is compromised?

Answer 8

Revoke all certificates issued by that CA immediately! Not a lot of developers know that. Remember gpg we made revocation certificate.