Flashcards in Chapter 19: Protecting Your Network Deck (61)
The process of pretending to be someone or something you are not by placing false information into your packets.
Doing things with a protocol that it wasn't meant to do, usually to carry out an attack.
Packets with unwanted information in an attempt to break another system.
The way that an exploit takes advantage of a vulnerability.
The time frame in which a bad guy can apply an attack surface against a vulnerability before patches are applied to prevent the exploit.
New attacks using vulnerabilities that haven't yet been identified or fixed.
ARP Cache Poisoning
Target the ARP caches (storing known IPs and MAC addresses) on hosts and switches
A special broadcast that a sending device sends out if it doesn't know the destination device's MAC address.
Dynamic ARP Inspection (DAI)
Tool to prevent ARP poisoning.
Switch process that monitors DHCP traffic, filtering out DHCP messages from untrusted sources.
Typically used to block attacks that use a rogue DHCP server.
Denial of Service (DoS) attack
A targeted attack on a server that provides some form of service on the Internet, with the goal of making that site unable to process any incoming server requests.
The aspect of a DoS attack that makes a server do a lot of processing and responding.
The process of sending artificial jam signals that effectively prevent any other station on the collision domain from transmitting its data onto the network. (Fixed by switches!)
Distributed DoS (DDoS)
Uses many many computers under the control of a single operator to launch a coordinated attack.
A single computer under the control of an operator
A group of computers under the control of one operator
Requests are sent to normal servers as if they had come from the target server and the responses from the normal servers are reflected to the target server, overwhelming it.
A form of DoS attack that sends broadcast pings to the victim
Caused by too much legitimate traffic on a server that is too weak to handle it.
An attack that damages the targeted machine and renders that machine inoperable. (Also known as phlashing)
An attacker taps into communications between two systems, intercepting traffic, reading or manipulating it, then sending it on.
Tries to intercept a valid computer session to get authentication information.
When a malicious user probes a host's open ports to learn details about running services.
Older technique to hack a switch to change a normal switch port from an access port to a trunk port, the hacker to access different VLANs.
A program that can make a copy of itself without your necessarily being aware of it.
All viruses carry some payload that may or may not do something malicious.
A form of virus that doesn't infect other files on the computer, but replicates by making copies of itself on other systems on a network.
A type of virus that exploits application macros to replicate and activate.
A piece of malware that pretends to do one thing, but actually does something evil.
They don't replicate