Saturday, April 11, 2020

Blog 10

This chapter was about sniffers, session hijacking, and Denial of Service

Sniffing

  • Promiscuous mode gives the network interface permission to grab every frame that comes its way. 
  • Popular sniffing tools include Wireshark, TCPDump, Cain and Abel, etc.
  • ettercap is an easy tool to use to do ARP poisoning, or man in the middle attack.
  • DNS Spoofing is an attacker redirecting DNS traffic. It redirects a target system to another site.
  • Invest in reliable security tools to protect against sniffing and attacks.
  • Use more secure protocols for Internet traffic.
  • Use switched networks to better isolate segments of the network.

Session Hijacking

  • Taking over a session between a host and a web server. 
  • Five steps to hijacking a session.
    •  Sniffing
    • Monitor Traffic
    • De synchronize the current session 
    • Predict the session ID
    • Inject commands that target the server
  •  Cross-site scripting is injecting malicious code into web applications. This is usually done through user-created content that has not been checked. For example, a Craigslist post could have malicious code attached that is not visible, but is able to steal cookie information.
  • Burp Suite is really useful and has many different tools. It's a Linux program.
  • Really have gotten the hang of using Session ID's to use cookies to login to a site. It's really easy.

Denial Of Service

  • When a computer is used to flood a server with more packets than it can handle.
  • Distributed Denial Of Service is when numerous computers are used to overload target systems.
  • Limit access points the network
  • Reduce unnecessary services 
  •  Use anti-malware, threat prevention, and intrusion protection

Article


 The article I read was about a company called RigUp. The breach exposed more than 70,000 files. The files belong to US energy sector clients. If it had been exposed to malicious hackers or the general public, it would have been devastating. These files included human resources information, such as social security numbers, resumes, photos, paperwork, birth dates, insurance, etc. The company is going to do a root cause analysis to find out why the leak happened.

















Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)