Threats, Attack and Vulnerabilities Flashcards
Virus
Replicates, requires user action
Trojan
Hidden as something else
Worm
Self-replicating
Logic bomb
Virus with specific activation logic
Polymorphic virus
Avoids signature-based detection by self-mutation
Armored virus
Decompilation-resistant
ARP poisoning is commonly used in
MITM
The ARP cache
Maps IP addresses to MAC addresses
Replay attack
Sniffing and resubmission
Transitive Access Attack
Captures credentials through access to a honeypot shared folder
Spoofing
Masquerade as a trusted system
DNS Poisoning
Redirects to a malicious server, either locally or through the DNS provider
Smurfing
ICMP Flood with a spoofed header
Sniffer attack
Used for recon, based on network examination
XMAS scan
Each packet has 3/6 flags to hide the scan
Hybrid password attack
Brute force and dictionary
Birthday attack
Brute-force hash collision
Pharming attack
Malicious site through DNS Poisoning
Spear phishing
Directed phishing from a fake trusted person
Vishing
Telephone phishing
Whaling
Phishing for high-level targets
War chalking
War driving, sniffing unprotected networks en masse
Rogue access point
Fake access point
Evil twin
A rogue WAP with similar SSID