Which utility below can create a server-spoofing attack?
A.
DNS poisoning
B.
C2MYAZZ
C.
BO2K
D.
Snort
Explanation:
C2MYAZZ is a utility that enables server spoofing to implement a session highjacking or man-in-themiddle exploit. It intercepts a client LANMAN authentication logon and obtains the session’s logon
credentials and password combination, transparently to the user. * DNS poisoning is also known as
cache poisoning. It is the process of distributing incorrect IP address information for a specific host
with the intent to divert traffic from its true destination. * Snort, is a utility used for network sniffing.
Network sniffing is the process of gathering traffic from a network by capturing the data as it passes
and storing it to analyze later. * Back Orifice 2000 (BO2K), is an application-level Trojan Horse used
to give an attacker backdoor network access. Source: Security Complete, edited by Mark Lierley
(Sybex, 2001).