Vulnerabilities of Data Transmission Flashcards
What is a sniffing attack?
A sniffing attack refers to tapping network traffic or routing the traffic to a target where it can be captured, analysed, and monitored.
What are defences against sniffing attacks?
To defend against sniffing attacks we can:
Connect to trusted networks
Encrypt Data in traffic
Scan and monitor networks for intrusion and rogue devices
What is a man in the middle attack?
With a traditional MITM attack, attackers will look to gain access to an unsecured or poorly secured Wi-Fi router, scan the router looking for specific vulnerabilities such as a weak password and exploit it by deploying tools to intercept and read the victim’s transmitted data. The data must be unencrypted so the attack can read and act upon it.
Other: Active eavesdropping, general term for when a perpetrator positions himself in a conversation between a user and an application
What are some defences from MITM attacks?
Making sure HTTPS is always in the URL bar of websites being visited, be wary of potential phishing emails from attackers asking to update passwords or any other login credentials, and direct connections to public Wi-Fi routers should be avoided if possible.
[Possibly also encryption and hashing data before transit]
What is a Spoofing Attack?
A spoofing attack is when an attacker impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls.
What are some common types/methods for spoofing attacks? [4]
IP address spoofing
ARP spoofing
DNS server spoofing
HTTPS spoofing
What are some defences against Spoofing Attacks?
Packet Filtering - inspect packets that are transmitted
Avoiding Trust Relationships - develop as little as possible protocols that rely on trust
Use Spoofing Detection Software - many programs available that do this particularly ARP Spoofing
Use Cryptographic Network Protocols - Transport Layer Security (TLS), Secure Shell (SSH), HTTP Secure (HTTPS) and other secure communications protocols bolster spoofing attack prevention efforts by encrypting data before it is sent and authenticating data as it is received.
What is a Replay Attack?
A replay attack occurs when an attacker intercepts and then delays or resends a secure data communication to misdirect the receiver into doing what the attacker wants.
