Replay attacks (2.4)

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/5

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

6 Terms

1
New cards

replay attack

useful info that is transmitted over the network that a attacker can be replayed to appear as someone else

2
New cards

what are some ways a attacker can get the info required for a replay attack?

physical network tap, ARP poisoning, malware on the victim computer

3
New cards

Pass the hash

victim sends a normal authentication request to a server < attacker captures the info (user and hashed password) < attacker replays the authentication to the server < grants them access

4
New cards

How to stop a replay attack?

by using a salt or encryption

5
New cards

Session hijacking (sidejacking)

a user authenticates with a web server which creates a session ID. If an attacker gets this session ID this allows them to constantly be able to rejoin the session because the server thinks it comes from the victims computer

6
New cards

how to prevent session hijacking

by simply encrypting everything