Ack Piggybacking - ANSWER The Practice of sending an ACK inside another packet going to the same destination
Address resolution protocol - ANSWER
... [Show More] Protocol for mapping an IP address to a physical machine address that is recognized on the local network.
A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address
What are the five threat vectors? - ANSWER Outside attack from network
Outsider attack from telephone
Insider attack from local network
insider attack from local system
attack from malicious code
What are some external threat concerns? - ANSWER -Malicious code might execute destructive overwrite to hard disks
-Malicious mas mailing code might expose sensitive information to the internet
- web server compromise might expose organization to ridicule
- Web server compromise might expose customer private data
What are some ways to bypass firewall protections? - ANSWER - Worms and Wireless
- modems
- tunnel anything through HTTP
- social engineering
What is social engineering? - ANSWER - attempt to manipulate or trick a person into providing information or access
- bypass network security by exploiting humans
- vector is often outside attack by telephone or visitor inside
What is Hping? - ANSWER - a TCP version of ping
- sends custom TCP packets to a host and listens for replies
- enables port scanning and spoofing simultaneously
What is a group? - ANSWER A group means multiple iterations won't matter. If you encrypt with a key, then re-encrypt, it's the same as using one key.
What is a port scan? - ANSWER - common backdoor to open a port
- port scan scans for open ports on remote host
- scans 0 - 65,535 twice. TCP and UDP
What is nmap? - ANSWER Network scanner.
What are nmap scanning techniques? - ANSWER - Full open
- half open (stealth scan)
- UDP
- Ping
What is network stumbler? - ANSWER - free windows based wireless scanner for 802.1b
- detects access point settings
- supports GSP integration
- identifies networks as encrypted or unencrypted
What is Kismet? - ANSWER - Free linux WLAN analysis tool
- completely passive, cannot be detected
- supports advanced GPS integration and mapping features
- used for wardriving, WLAN vulerability assessment [Show Less]