Vulnerabilities of data transmission Flashcards
Sniffing Attack (property)
Tapping network traffic or routing traffic to a target where it can be captured, analysed and monitored
Sniffing Attack (Why a problem, or why important?)
Because any network packet carrying information in plain text can be intercepted and easily read by attackers. Connecting to public networks carries this risk.
Sniffing Attack (Give an example, or give a definition)
This information could be usernames, passwords, secret codes, banking details or any information which is of value to the attacker
Sniffing Attack (Describe a measure to prevent)
Encrypting data to ensure all data that leaves the system cannot be read even if the traffic is being sniffed (hackers could run cryptographic attacks to get something out of the data though). The use of secured protocols ensures the traffic is encrypted and provides security for the traffic.
Networks should be scanned for any kind of intrusion attempt or rogue devices that may be set up to capture traffic. Network admins should monitor network devices as well to ensure they are authorised and have not been infected.
Man in the middle attack (property)
The victim, the entity with which the victim is trying to communicate, and the man in the middle (who is intercepting the victim’s communications)
Man in the middle attack (Why a problem or why important)
Interception - attackers look to gain access to a poorly secured Wi-Fi router and can scan the router for specific vulnerabilities such as a weak password. Once they find a vulnerability, they can exploit it by deploying tools to intercept and read the victim’s transmitted data (logins, bank info etc.)
Decryption - the victim’s intercepted data must then be decrypted so that the attacker can read and act upon it
Man in the middle attack (give an example, or give a definition)
MITM sent you an email, making it appear legit (phishing)
MITM created a website that looks like a bank’s website, so you wouldn’t hesitate to enter your login credentials after clicking the link in the email
Man in the middle attack (Describe a measure to prevent)
Make sure the website uses HTTPS.
Be wary of phishing emails
Avoid direct connections to public Wi-Fi routers (use a VPN)
Internet security should be installed on systems
Be sure that home Wi-Fi networks are secure
Spoofing attacks (property)
When an attacker impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls
Spoofing attack (give example or definition)
Common spoofing attack methods:
IP address
ARP
DNS server
HTTPS
Spoofing attack (measure to prevent)
Packet filtering - packet filters inspect packets as they are transmitted across a network
Useful in IP address spoofing attack prevention as they are capable of filtering and blocking packets with conflicting source address info
Avoid trust relationships (which allow users in one domain to access resources in another domain) - protocols should be developed so that they rely on these as little as possible
Trust relationships make spoofing easier for attackers because they only use IP addresses for authentication
Use spoofing detection software - works by inspecting and certifying data before it is transmitted and blocking data that appears to be spoofed
Use cryptographic network protocols - TLS, SSH, HTTPS and other secure communications protocols bolster spoofing attack prevention efforts by encrypting data before it is sent and authenticating data as it is received
IP Address spoofing
Every device capable of connecting to the internet has an IP address
By spoofing an IP address, an attacker can trick you into thinking you’re interacting with a website or someone you know, perhaps giving the attacker access to information you would otherwise not share
ARP spoofing
Address Resolution Protocol - used to resolve IP addresses to MAC addresses for transmitting data
Attacker sends spoofed ARP messages across a LAN to link their MAC address with the IP address of a legitimate member of the network
Results in data that’s intended for the host’s IP address getting sent to the attacker instead
DNS spoofing
Malicious party modifies the DNS server in order to reroute a specific domain name to a different IP address
HTTPS spoofing
Attacker can fool a user’s browser into believing it’s visiting a trusted website when it’s not.
By redirecting the user’s browser to an unsecured website, the attacker can monitor the user’s interactions with that website and possibly steal personal info that they are sharing