Flashcards in misc Deck (13)
What is APT?
Advanced Persistent Threat
What is pivoting/daisy chaining?
An attacker who compromises a device on DMZ to launch further attacks from the DMZ
What is doxing?
Publishing PII about someone
What is a covert channel?
Transmitting information using methods not originally intended for data transmission
What is source routing?
Allows sender of packet to specify route the packet takes through the network based on source IP address
What is banner grabbing?
Identifies OS version / software in use
How does MAC address spoofing work?
Only for UDP as TCP requires 3-way handshake
What is active vs passive sniffing?
Active is on a switch
Passive is on a hub as all packets are sent on all ports
How does a buffer overflow work?
Changing pointer address in stack to point at altered code from attacker (stack smashing)
What is NoP/NoP sled?
Creating no operation statements in memory to make pointing to their code easier
How can you protect against a buffer overflow attack with software?
Great/Secure Code boundary validation for R/W
Cookie (Canary Value) checks location for cookie
Stack guard (copy return address somewhere esle in memory to compare)
Code analysis for prevention
How do you protect against a buffer overflow attack with hardware?
Execution Disabled (stops code being run in certain areas of memory)