PrepAway - Latest Free Exam Questions & Answers

Tag: 312-50

How would you prevent session hijacking attacks?


What tool could Larry use to help evade traps like honeypots?

Larry is a criminal hacker with over 20 years of experience in breaking into systems. Larry’s main objective used to entail defacing government and big corporation websites with information they did not want released to the public. But within the last few years, Larry has found avenues of creating revenue through breaking into systems and selling the information. On numerous occasions, Larry was able to break into the networks of small local banks and glean sensitive customer information including names, social security numbers, bank account numbers, and PINs. Larry then sold this information through covert channels to dummy corporations based in Eastern Europe where cyber-law has not matured yet. Larry has been able to cover his tracks in the past, but with the rise of new technology such as honeypots, Larry is concerned about falling into traps set by security professionals.
What tool could Larry use to help evade traps like honeypots?

How would you detect these reflectors on your network?

Reflective DDoS attacks do not send traffic directly to the targeted host. Instead, they usually spoof the originating IP address and send requests to reflectors. These reflectors (usually routers or high-powered servers with a large amount of network resources at their disposal) then reply to the spoofed traffic by sending loads and loads of data to the final target.
How would you detect these reflectors on your network?

Attacker creates a random source address for each packet SYN flag set in each packet is a request to open a ne

The SYN flood attack sends TCP connection requests faster than a machine can process them.
- Attacker creates a random source address for each packet
- SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address
- Victim responds to spoofed IP address, then waits for confirmation that never arrives (timeout wait is about 3 minutes)
- Victim’s connection table fills up waiting for replies and ignores new connections
- Legitimate users are ignored and will not be able to access the server
How do you protect your network against SYN Flood attacks?

How would John protect his network from these types of attacks?

John runs a Web server, IDS and firewall on his network. Recently his Web server has been under constant hacking attacks. He checks the IDS log files and sees no intrusion attempts, yet the Web server constantly locks up and needs rebooting due to various brute force and buffer overflow attacks, and the IDS still alerts on no intrusion whatsoever.
John becomes suspicious, reviews the firewall logs, and notices huge SSL connections constantly hitting his Web server.
Hackers have been using the encrypted HTTPS protocol to send exploits to the Web server, which is why the IDS did not detect the intrusions.
How would John protect his network from these types of attacks?

How does traceroute map the route a packet travels from point A to point B?


