Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
10 Cards in this Set
- Front
- Back
ICMP flood |
Attacker sends large number of echo requests to target Typically spoof source IP or use zombies |
|
Ping of Death |
Large ICMP packet When receiving machine attempts to reconstruct, host crashes Modern OSs are not vulnerable |
|
Smurf |
Spoof targets IP and broadcasts flood of ping messages to all systems on a lan segment Then they all echo, overwhelmimg the target Can mitigate by disabling broadcast ping |
|
MAC flood |
Flood switch with packets with different source MACs. Fills MAC table and switch defaults to HUB like behavior |
|
Teardrop |
Attacker sends several large overlapping IP fragments Attempting to reassemble can cause the system to crash |
|
Heartbleed |
Attacks OpenSSL allowing attacker to obtain about 64KB of info from web servers memory Version 1.0.1 - 1.0.1f |
|
CSS injection |
Attacks OpenSSL mitm Specific handshake Forces OpenSSL to use weak key |
|
POODLE |
1) mitm that could cause a fallback from TLS to SSL, allowing decryption of 1 byte at a time 2) attack on bugs in cipher block enc |
|
FREAK |
Factoring attack on RSA export keys Mitm forces downgrade to weaker key length |
|
Shellshock |
Send a type of request with something like cURL that will execute commands on the remote web server in GNU Bash 4.3 or earlier curl -A "() {:;} ; echo Content_type: text/plain; echo; echo; /bin/cat myfile.txt" http://localhost/test.cgi |