Web Security Risks Flashcards
Virus
malicious piece of software (malware) that inserts malicious code into a program and then continues to spread itself using a variety of methods
Trojan Horse
Malware attack that disguises itself as something innocent, such as a computer game or a YouTube search results page
Spam
Makes up 70-84% of daily emails sent throughout the world.
Phishing
Spam emails designed to trick recipients into clicking a link to an insecure website; typically executed to steal account information for e-commerce sites
Phishers are usually part of a larger crime organization (Russian mafia). The phisher pays someone who controls a fleet of zombies to send out the phishing attack from zombie PCs. The phisher compiles a large list of bank accounts, credit card info, and similar info from the phishing attack. The phisher frequently sells account info in bulk to an intermediary, who then sells individual accounts to anyone who wants them. The person who buys the accounts can use them to empty bank accounts and participate in identity theft
Packet Sniffers
Capture data streams over a network, allowing for the capture of sensitive data like usernames, passwords and credit card numbers
When you connect to the Internet, data is sent in slices to keep the performance of the Internet high. Slices = packets; a sniffer allows people to see the packets that are being sent or received.
Packet sniffers only work when they are on the same network that the data is travelling on. Once it has the data, the sniffer can relay the info to different networks via honeypots.
Information is sent from the sniffer to a database where all the info is stored; reports such as site visits can be created from the database
Password Attacks (Types)
Brute-force- guessing the password by repeatedly entering new combinations of words and phrases compiled from a dictionary
Packet sniffers
IP-spoofing- similar to honeypots; involves the interception of data packets by a computer successfully pretending to be a trusted server/resource
Trojans
Internet passports
Variety of technologies and standards that let people control which information about themselves they allow to be released to websites and how that information can be used
Lives inside a web browser. The user fills out a profile in the browser determining what info can be made available
buffer overflow attack (browser attack)
Buffer = area of memory allocated for a certain function.
In a buffer overflow attack, the hacker writes code that downloads from a website and floods a specific area of memory with so much data that it overflows into a nearby area of memory.
The data that flows into a nearby area of memory contains malicious code, and that code can bypass normal security functions because of a flaw in the browser.
Zombie Computers & Botnets
Zombie computer- computer infected with malware that causes it to act as a tool of a spammer by silently sending out thousands of emails from the owner’s email address. Typically a single person controls a zombie network of infected computers
Infected zombie computers are organized by spammers into small groups called botnets, which can send out spam
Spyware
Employs a user’s Internet connection in the background without their knowledge and gathers/transmits info on that user or their behaviors
Used to make cash (pop-up ads, phishing)
Spyware “phones home” at regular intervals to report to the spyware website on what sites you have been visiting
Directory Traversal & Browsing
Method used by a hacker to access sensitive data held on the web server where your web site is installed. Filtering HTTP data requests to the server is the best prevention against directory traversal attacks
Server Side Scripts
Important to validate forms and use good coding practices and standards to avoid holes in your code that can be exploited
SQL Injection
SQL is a way to enter, modify, and retrieve information from a database. Stored information can be vulnerable to SQL injection, which breaches the database’s security.
Cross Site Scripting
Technique used to gather personal information or run malicious code while a user is using their web browser. This accounts for the majority of hacking attempts. Data is usually gathered in the form of a hyperlink that contains malicious content. The user clicks the link from another website, an IM, or while reading a web board or email message.
ActiveX
Used by Microsoft IE on Windows systems; allows applications or parts of applications to be utilized by the web browser. A web page can use ActiveX components that may already reside on a Windows system, or a site may provide the component as a downloadable object. Gives extra functionality to web browsing but increases vulnerability