1.4 Network Attacks Flashcards
Unauthorized access point on a network that may or may not be malicious. Poses backdoor vulnerabilities to your network
Rogue AP
Malicious access point that has the same SSID as your network but is controlled by an attacker. Can overpower legitimate access points to hijack network traffic.
Evil Twin AP
The process of sending unsolicited messages to a phone via Bluetooth connection
Bluejacking
An attack that involves the transfer of data to an attacking device via Bluetooth connection
Bluesnarfing
What does an attacker exploint within a network packet in order to perform a wireless disassociation attack?
802.11 Management Frames
You are working on your laptop when all of a sudden the wireless connection to your WIFI drops. It then proceeds to come back and drop off repeatedly. What type of attack are you likely subject to?
Wireless Disassociation
This type of jamming involves the transmission of interfering wireless signals to decrease the recipiant’s signal-to-noise ratio. Can sometimes be unintentional from microwaves, flourescent lights, etc.
Radio Frequency (RF) Jamming
An arbitrary number used in cryptography which is random, only used once, and is used to calculate a randomized hash for password and encryption. Secures against replay attacks, and is used “for the time being”
Nonce
A type of nonce that is used for randomizing encryption schemes in encryption ciphers, WEP, and some SSL implementations.
Initialization Vectors
A nonce most commonly associated with password randomization. Prevents passwords within a database being correlated in the event of a breach.
Salt
Formerly known as man-in-the-middle attacks, this type of attack involves the attacker being on the network between you and your traffic’s destination. Traffic is redirected to the attacker, and then passed on to its destination.
On Path attack
This attack utilizes the limited size of a MAC address table by sending requests from many different MAC addresses. When the address table is full it begins forwarding all traffic out of all ports.
MAC Flooding
Doing this will allow an attacker to change their MAC address in order to circumvent filters on a network
MAC Spoofing
An attack that injects a malicious IP address into a DNS cache of a DNS server or a client computer in order to direct web traffic to the wrong place.
DNS Poisoning
This type of attack involves getting access to the domain registration, effectively transferring domain ownership to the attacker.
Domain Hijacking
