Attack that can be launched if Authentication is not implemented


1. Password Sniffing

1.1. A sniffer is an application that can capture network packets. Sniffers are also known as network protocol analyzers. While protocol analyzers are really network troubleshooting tools, they are also used by hackers for hacking networks.

1.2. A password sniffer is a software application that scans and records passwords that are used or broadcast on a computer or network interface

1.3. Password sniffing is an attack on the Internet that is used to steal user names and passwords from the network

1.4. TYPICAL PASSWORD SNIFFING IMPLEMENTATION

1.4.1. The typical implementation of a password sniffing attack involves gaining access to a computer connected to a local area network and installing a password sniffer on it.

1.4.2. (Tatu Ylonen) I once tried to implement such an attack as an experiment. It took me three hours to have a program that processed the data from each TCP/IP stream separately and extracted information from them. It is not a difficult attack to code.

2. Spoofing

2.1. hoax, trick, or deceive

2.2. tricking or deceiving computer systems or other computer users

2.3. typically done by hiding one's identity or faking the identity

2.4. e-mail

2.4.1. sending messages from a bogus e-mail address or faking the e-mail address of another user

2.4.2. send spam messages from their own SMTP

2.5. IP spoofing

2.5.1. masking (hiding or faking) the IP address of a certain computer system

2.5.2. difficult for other systems to determine where the computer is transmitting data from

2.5.3. used in denial-of-service attacks that overload a server

2.5.4. cause the server to either crash or become unresponsive to legitimate requests

3. Man-in-the-middle

3.1. A man-in-the-middle attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late.

3.2. A man-in-the-middle attack can succeed only when the attacker is able to authenticate to both parties, so that each of them accepts the attacker as the other.

3.3. Key Concepts of a Man-in-the-Middle Attack

3.3.1. Man-in-the-middle is a type of eavesdropping attack that occurs when a malicious actor inserts himself as a relay/proxy into a communication session between people or systems.

3.3.2. A MITM attack exploits the real-time processing of transactions, conversations or transfer of other data.

3.3.3. Man-in-the-middle attacks allow attackers to intercept, send and receive data never meant to be for them without either outside party knowing until it is too late.

4. type of Hijacking

5. Hijacking

5.1. Also called session hijacking, it is a type of network security attack in which the attacker takes control of a communication.

5.2. Just as an airplane hijacker takes control of a flight, the attacker takes control of a communication between 2 entities and masquerades as one of them

5.3. Steps involved in hijacking

5.3.1. Track the connection

5.3.2. Desynchronize the connection

5.3.3. Inject the attacker's packet

5.4. the following can lead to a session being hijacked

5.4.1. no timeout set for invalid session IDs

5.4.2. insecure handling

5.4.3. indefinite session expiry time

5.4.4. transmission of data in clear text

5.4.5. session ID being small in length

5.5. Techniques of session hijacking

5.5.1. Brute force a session ID

5.5.2. Steal the session ID

5.5.3. Calculate a session ID

5.6. Exp1: First the attacker uses a sniffer to capture a valid session token called the "Session ID", then he/she uses that valid session token to gain unauthorized access to the web server

5.7. Exp2: Attacker can compromise the session token by using malicious code or program running at the client-side.