Week 9 - MiM Attack & DDoS Flashcards
What is a web app?
An application that runs in a web browser and requires an active network connection.
At what layer do the client side and server side interact?
Application Layer.
What is HTTP?
Hypertext Transfer Protocol is used to communicate between client and server.
True or False: HTTP is not stateless.
False. HTTP is stateless.
How many HTTP methods are there?
- GET, POST, HEAD, OPTIONS, PUT, PATCH.
What is a URL?
Uniform Resource Location.
Structure: protocol://hostname[:port]/[path/]file[?param=value]
Example: https://staffportal.curtin.edu.au/wplogin.php?foo=ba
What is a cookie?
Short-lived storage on the client that provides a way to maintain state. This means authentication can exist (stateful).
List a few advantages of cookies.
User friendly
Convenience
Marketing
Configurations
Server Requirements
Availability
What is a proxy server?
A system or router that provides a gateway between users and the web app/servers.
List a couple of advantages of a proxy server.
+ Balance internet traffic to prevent crashes.
+ Control which websites employees and staff can access in the office.
+ Save bandwidth by caching files or compressing incoming traffic.
+ Secure employees’ internet activity from people trying to snoop on them.
What is a Man-in-the-Middle Attack (MIM Attack)?
Involves a compromised proxy, controlled by the attacker, that sits between a client and a target server.
What can happen with a MIM attack?
The attacker can intercept, modify, or eavesdrop on the communication between the client and the target server, potentially leading to various security and privacy issues.
How to mitigate a proxy attack?
Use HTTPS: HTTP over TLS/SSL, which encrypts normal HTTP requests and responses.
Can Burp Suite intercept HTTPS?
Yes, but the TLS-encrypted traffic must be decrypted first. This is possible if Burp has access to the private key or certificate.
What is a Denial of Service attack (DoS)?
A single attacker using their own computer and network to flood the victim's server in order to shut down the target service.