Threats
Cards (26)
- Denial of Service: Send many packets in hopes of overwhelming system.
- Ping of Death: Large fragmented ICMP overwhelms a host.
- ICMP (Protocol for Ping): Report errors and perform network diagnostics.
- DDoS: A traffic spike is a sign a network is undergoing a DDoS attack.
- Botnet: Network of victim computers under the control of the attacker.
- Bot coordinator: A command and control server used to command Botnet to coordinate the DDoS attack.
- Friendly/unintentional DoS: A site can gain too many visitors from social media links and overwhelm the server.
- Zero-day attack: A vulnerability being exploited out in the wild but has no known fix for.
- Spoofing: A technique an attacker uses to hide their identity.
- ARP Spoofing: Attacker spoofs IP to MAC mapping usually to perform a man-in-the-middle attack.
- ARP Protocol: Protocol that translates IP to MAC address.
- IP Spoofing: Attacker impersonates device by IP address.
- Email Spoofing: Attackers send email messages using a sender that a target trusts.
- On-Path Attack (Man-in-the-middle): Network traffic is intercepted.
- DNS Poisoning: False DNS information (DNS leads to different website.)
- ARP Spoofing: Tampers with ARP to perform a On-path attack.
- Brute force attack: Crack a password using automated random guessing.
- Brute force attacks can be prevented by limiting number of attempts.
- Dictionary attacks: Use a list of known passwords.
- Avoid reusing passwords to limit the effectiveness of dictionary attacks.
- Insider attack: A trusted person like an employee or a contractor who commits a malicious act.
- Cross-site Scripting (XSS): Attacker injects malicious code into a website’s fields.
- SQL injection: An attacker compromises a SQL database through cross-site scripting.
- Insider Attack: Mitigated through Background checks and least privilege.
- Input validation: Countermeasure against SQL injection attacks.
- Replay attack: Reusing intercepted data rather than altering it (MiTM)