Objective 1.4 - Network Attacks

Evil Twin

a rogue access point with the same SSID as a legitimate access point

Rogue Access Point

A wireless access point that provides an attacker with unauthorized access to the traffic going over the network.

Bluesnarfing

refers to the unauthorized access to, or theft of information from, a Bluetooth device.

Bluejacking

An attack that sends unsolicited messages to Bluetooth-enabled devices.

Dissassociation

effectively removes a wireless client from a wireless network. Attackers send a disassociation frame to the AP with a spoofed MAC address of the victim.

Jamming

A DoS attack against wireless networks. It transmits noise on the same frequency used by a wireless network.

Radio Frequency Identifier (RFID) Attack

Sniffing or Eavesdropping, Replay, or DoS attacks using an RFID reader and tag

Near Field Communication (NFC) Attack

The act of intercepting at close range (a few inches) communications between two mobile operating system devices.

Initialization Vector (IV) Attack

A wireless attack that exploits the reuse of an initialization vector (IV) during WEP encryption.

On-path attack

(formerly known as a man-in-the-middle attack) intercepts communications between two systems.

ARP Poisoning

an attack that convinces the network that the attacker's MAC address is the one associated with an allowed address so that traffic is wrongly sent to the attacker's machine

MAC Flooding

An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up the memory on the switch. If this is successful, the switch will change state to failopen mode.

MAC Cloning

An attack in which an attacker falsifies the factory-assigned MAC address of a device's network interface

Domain Hijacking

An attack that changes the registration of a domain name without permission from the owner.

DNS Poisoning

An attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device.

URL Redirection

Also called URL forwarding, is a World Wide Web technique for making a web page available under more than one URL address.

Domain Reputation

the internet tracks security posture and where people visit, email, malware, or site avoiding..

Distributed Denial of Service

An availability attack, to consume resources to the point of exhaustion from multiple vectors

Network DDoS

An attack where a botnet is set up to flood a victim's system with an enormous amount of traffic so that it is taken down. If a stateful firewall were to be used to prevent a network DDoS attack, it would prevent the traffic from entering your network/

Application DDoS

This is where the DDoS tries to flood a particular application, and the number of packets is known as requests per second (rps). This is where specially crafted packets are sent to the application so that it cannot cope with the volume.

Operational Technology (OT)

The source of a DDoS attack in which endpoints can be programmed and have an IP address.

Malicious code or script execution

Malicious code or scripts that are not malware Commonly PowerShell, Python, Bash, macros, and VBA

Powershell

A command-line interactive scripting environment that provides the commands needed for most management tasks in a Windows Server 2012/R2 environment.

Bluebugging

Taking control of a phone to make calls, send text messages, listen to calls, or read text messages.