Network Security Flashcards

Question

What happens if an attacker gains control of a rogue gateway? | Network Security

Answer 1

Attacker can sniff, intercept, block, and modify traffic

Answer 2

Enables transmission of messages

Answer 3

* Do nothing and assume that it is secure * Smart switching/active monitoring

Answer 4

* Don't broadcast traffic * Forward Ethernet to the right path * Filter requests to limit listening/filtering replies to limit replying

Answer 5

Dynamically allocates the IP address to hosts of a network and provides information about DNS server, gateway, and period of lease

Answer 6

* Fake DNS server => redirection of DNS lookups * Fake gateway router => interception of traffic, relay/modification of contents between host and remote machine

Answer 7

Gaining access to a system that is isolated from other networks

Answer 8

IP Spoofing and Blind Spoofing

Answer 9

Impersonating sources of security-critical information to exploit address-based authentication

Answer 10

Attacker sends IP packet and forges source IP with another host's IP => receiver sends a response back (unaccessible by attacker)

Answer 11

On-path and off-path spoofing

Answer 12

See all traffic

Answer 13

Has to blind spoof and guess header values/use brute force because they can't see traffic

Answer 14

Network that manages its internal routing and is interconnected to form the Internet

Answer 15

Determines where its packets should be sent

Answer 16

Border Gateway Protocol

Answer 17

Lack of edge-AS restricting IP spoofing or blocking packets with a different source IP address

Answer 18

Transport layer protocol that is connectionless, unreliable, best-effort datagram delivery service; best suited for multi-media and services based on requests

Answer 19

No delivery, integrity, ordering, or non-duplication guaranteed

Answer 20

Port abstraction

Answer 21

One can communicate with different components of the same IP address

Answer 22

* Length * Destination port * Source port (optional) * Checksum (error detection, optional)

Answer 23

* UDP Spoofing ~ IP Spoofing * UDP Hijacking ~ UDP Spoofing variant * UDP Port Scan - finding vulnerable/open ports * Denial of Service

Answer 24

Transport layer protocol that provides connection-oriented, reliable stream delivery service

Answer 25

Ordering, delivery, non-duplication

Answer 26

OS Processes

Answer 27

Allows 2 hosts to establish a connection identified by IP address/ports of source and destination (socket)

Answer 28

Performs flow control and is dynamic

Answer 29

Includes source/dest ports, seq #, ack #, data

Answer 30

Relative position of TCP segment in stream

Answer 31

Position of next byte expected from stream

Answer 32

* SYN * ACK * FIN * RST * PSH

Answer 33

Set only in the 1st packet to request sync of syn/ack nums and kickstart connection request

Answer 34

Validates ACK # in all packets except 1st

Answer 35

Indicates a request to terminate a stream in last packet from sender

Answer 36

Request to reset a connection

Answer 37

Push buffered data request

Answer 38

* Port Scan * Disruption * SYN Flooding

Answer 39

Finds vulnerable/open ports

Answer 40

* Normal * SYN * FIN

Answer 41

Establish a connection with an arbitrary port and follows the TCP connection setup/shutdown (giveaway: lots of logs/connections)

Answer 42

If a port is available, server/target will return an ACK packet (unavailable = RST packet) => scanner sends RST packet to "terminate" connection

Answer 43

A connection was never fully established

Answer 44

Scanner sends a FIN packet to a host/target => open port: FIN ignored, closed port: RST

Answer 45

Overload of connections

Answer 46

Denial of Service (DoS)

Answer 47

* Filtering * Small time-outs for 1/2 open connections * Limiting the number of 1/2 open connections * Recyling oldest 1/2 open connections * Requesting a SYN cookie to finish connection (set up and validate => reconstructed state)

Answer 48

ACK packets are not needed

Answer 49

Abrupt termination request with RST packet and acceptance with correct seq #

Answer 50

RST and Data Injection

Answer 51

MITM with port and sequence #

Answer 52

Control hijacking with port and sequence #

Answer 53

TCP spoofing

Answer 54

Establish a legit connection with target and predict based on information

Answer 55

1. Server listens to ports 2. Client sends requests (SYN packet) wtih initial sequence number (Sc) 3. Server accepts and responds (SYN-ACK packet) with initial sequence number (Ss) and ACK # (Sc + 1) 4. Client acknowledges with sequence number (Sc + 1) and acknowledgement number (Ss + 1) 5. Data is sent

Answer 56

1. End A sends FIN packet (Sc) 2. End B replies with ACK packet (seq # = Ss, ACK # = Sc + 1) 3. End B sends FIN packet to close stream (seq # = Ss, ACK # = Sc + 1) 4. A replies with ACK packet (seq # = Sc + 1, ACK # = Ss + 2)

Answer 57

ACK # <= Seq # <= ACK # + Window

Network Security Flashcards

(81 cards)