Network Attacks Flashcards
What is 802.1X?
A network protocol for network access control.
Forces users connecting to the network to authenticate regardless of the connection type.
When you authenticate to a network using 802.1X network access control, where is your authentication request sent and validated?
RADIUS server.
Which type of network attack, while not always being inherently malicious, happens when an unauthorized wireless access point is added inside of your network?
Rogue access point.
Which type of network attack sets up an access point to look like an existing network, tricking people into connecting to a network that they did not intend to?
Evil twin attack
Which network attack uses Bluetooth connectivity to send unsolicited messages to other devices without giving additional access to the device or posing any security risk other than the unsolicited messages?
Bluejacking
Which type of network attack happens over a Bluetooth connection and is used to transfer data from a Bluetooth-enabled device without authentication?
Bluesnarfing
Which type of network attack takes advantage of unencrypted 802.11 communications and is able to kick an end user off a network causing a significant DoS attack?
Wireless deauthentication
Wireless disassociation attacks
Which type of network attack decreases the signal-to-noise ratio at a network device using a physical device, in order to deny service to people trying to use it?
Wireless jamming. Radio frequency (RF) jamming.
Which types of attack are common with RFID technology?
RFID attacks:
Viewing communications (especially if the data is being transmitted unencrypted)
Spoofing the RFID reader, and writing your own data to the RFID tag
Signal jamming for the purpose of DoS
Decrypting communications, as many of the default decryption keys are on Google.
What is NFC?
Near field communication. It is a two-way wireless communication.
Builds on RFID, which is mostly one-way.
Short range with encryption support.
Helps with Bluetooth pairing and payment systems (like Apple Pay, holding your phone up to the card machine to pay) by putting a device or tag in close proximity to a reader.
Can also be used to build an NFC access token or identity “card”
Suffers from most of the same attacks as RFID.
What is a cryptographic nonce?
An arbitrary number that is used once, for the time being.
A random or pseudo-random number, something that can’t be reasonably guessed.
Can also be a counter, as long as both sides can keep track of the count.
How would a nonce be used during the login process?
The server would first give you a nonce.
And then calculate your password hash using the nonce.
The end result is that each password hash sent to the host will be different, so a replay attack will not work if the hash is captured in transit.
Since a nonce is most commonly associated with password randomization, how would a nonce be typically used to store a random password hash on a database permanently even if multiple users had the same password?
Salting
MAN IN THE MIDDLE NOW IS CALLED WHAT?
On-path attacks.
PLEASE REMEMBER THIS
Which type of attack creates an environment where all network traffic to the router from a victim’s computer on a local network is relayed through an attacker’s computer using MAC address spoofing and a cache of which IP addresses belong to which MAC address?
ARP poisoning
This type of attack takes place when an attacker’s trojan/malware will latch onto a victim’s browser and proxy all browser traffic of the victim through the attacker’s malware.
On-path browser attack
How would one usually maintain a loop-free environment when dealing with network switches?
By using “Spanning Tree Protocol” (STP)
When a switch is adding entries to its MAC address table, what does it store other than just the MAC addresses?
Output interfaces.
The switch stores the information about which output interface the traffic should be sent out on with each MAC address in the table.
Which network attack takes place when an attacker forces legitimate MAC addresses out of a MAC table by sending traffic with different source MAC addresses until the table is completely filled?
MAC flooding
How does a switch’s behavior change once its MAC table is completely full?
It starts sending traffic to all interfaces, basically becoming a hub, and this makes a great opportunity for an attacker who has done some MAC flooding to start capturing all network traffic from all devices.
Which attack is taking place when an attacker changes their MAC address in their network drivers to match the MAC address of a legitimate device that is on the network or has recently left the network?
MAC spoofing/MAC cloning
What would be a way of effectively doing a DNS poisoning attack on one victim without needing to take control over an entire DNS server?
By modifying the client hosts file on a victim’s computer. The client hosts file takes precedence over DNS queries.
Which attack would be taking place if an attacker were able to change the IP address that is sent out to those making queries to a DNS server to the IP of their own malicious website rather than the real IP address?
DNS poisoning/DNS spoofing
Which attack would be taking place if an attacker gained access to the account that controls a domain at whichever registrar a site uses, through whatever means (maybe brute force, phishing, etc.), and made changes to the DNS names and DNS IP addresses associated with that particular website?
Domain hijacking