Attack causing a service to fail by overloading it; can be a precursor to a DNS spoofing attack; can be as simple as turning the power off; can be "friendly" unintentional
. Army of botnets used to take down a system
. Redirects traffic - uses ARP poisoning
. Malware installed that hides in the browser
. Causes privilege escalation by TPN over ride. Usually uses SQL
. Takes information from one web page and uses it in another using Java Script - victim of the attack isn't authenticated yet - protect against it using a WAF
. Sites must always validate the device and user - victim must be authenticated to the trusted server
. Bug or flaw allowing you to elevate the access you should normally have - very high priority to get fixed quickly; can use DEP to mitigate
. Actually change the DNS files to redirect addresses to an attackers IP address
. Somehow gain access and totally redirect to a different server - don't even need to touch the victim servers like in DNS poisoning
. Vulnerability that has not been announced yet - very valuable because they have not been patched yet
. Grab raw data transmitted across the network and then later reusing it to appear as the original sender - can avoid with encryption and password salting, also add time stamp
. Associate this with stealing hashes to crack otherwise impossible to crack passwords
. Use type squatting, brand jacking, misspelling, etc to redirect unsuspecting users to bad sites
. You think you're clicking something legit, but underneath you're are actually clicking a bad link
. Uses session ID and cookies - steals session ID so website thinks you've previously authenticated
. Related to drivers
. Related to drivers - Aka metamorphic malware - it's a different thing each time it's downloaded so it's hard to add signature to use in anti-virus software
. One device pretending to be something it's not (email addresses, phone numbers, IP addresses, MACs)
. Sending small requests to servers that will receive large responses; think of the example using the DNS protocol
. Attacker changes the MAC address and attacks a network by changing the target computer's ARP cache with a forged ARP request and reply packets
.
|