Threats Flashcards
1
Q
SYN flood
A
DOS
- Start but never complete the TCP handshake
- Block with stateful firewall
2
Q
Smurf
A
DOS
- ICMP requests to third parties with victim’s return address.
- Block distributed broadcasts on routers
3
Q
Teardrop
A
DOS
- Send malformed TCP packets that the victim struggles to reassemble.
- Block by using modern OS
4
Q
Bonk
A
DOS
- Send malformed TCP packets that force the victim to struggle to reassemble packets that are too large
- Block by using modern OS
5
Q
Ping flood
A
DOS
- Flood victim with ping requests
- Block incoming ICMP requests at firewall
6
Q
Ping of death
A
DOS
- Send the victim ping requests that violate the maximum size allowed by ICMP
- Block by using modern routers
7
Q
Fraggle
A
DOS
- Like smurf, only uses UDP
- Block echo ports 7 & 17 on firewall
8
Q
LAND attack
A
DOS
- Send the victim a packet where both source and destination are the victim’s
- Block with modern OS and routers
9
Q
Loki
A
Covert channel
- Install a Loki client on the victim, which listens for instructions from Loki server hidden in ICMP packets
- Block incoming ICMP on firewall
10
Q
Salami attack
A
Tampering
- Shave a tiny amount off each transaction
- Block via administrative controls
11
Q
VoIP attacks
A
SPIT, eavesdropping
- Block with SRTP (Secure Real Time Protocol)
12
Q
INVITE of death
A
DOS for VoIP
- SIP invite requests
- Block ?
13
Q
ReDOS
A
DOS
- Flood victim with many complicated regular expressions
- Block ?
14
Q
Xmas
A
DOS
- Flood victim with TCP packets with all flags turned on
- Block with firewall
15
Q
Pass the hash
A
Capturing and reusing the victim’s password hash