Networking Fundamentals, 3rd Edition page 452

Copyright Goodheart-Willcox Co., Inc. 452 Networking Fundamentals company designs the bomb in a way that it deletes vital fi les should the employee’s termination be processed. DNS Poisoning DNS poisoning occurs when an attacker tries to get fake entries into the target’s DNS server. Th at way, when users on that network enter a domain, for example, xyzbank.com, their own DNS server redirects them to a phishing site. Th is is closely related to ARP poisoning. ARP poisoning involves obtaining a network’s ARP table and spoofi ng responses from ARP addresses. Th is only works within a domain. Evil Twin In an evil twin attack, a rogue wireless access point is confi gured so it has the same MAC address as one of the existing legitimate access points. A rogue WAP will often then initiate a denial of service attack on a legitimate access point, making it unable to respond to users. Th is results in users being redirected to the evil twin. Th is is also a form of man in the middle (MITM) attack. In general, a MITM attack has occurred any time someone gets between two parties. Th is is also done in cryptography during the key-exchange process. If an attacker can get between the two parties during key exchange, he or she can compromise the encryption process. Deauthentication A deauthentication attack is also sometimes called deassociation. In this attack, the attacker causes the client to deauthenticate from a reliable source. Th is is often fol- lowed by trying to get the user to connect to an evil twin. Phishing Phishing (pronounced fi shing) is a method of Internet fraud that involves using e-mail to steal a person’s identity and other sensitive information, such as fi nancial data. In a phishing attack, an e-mail is sent that appears to be from a legitimate en- terprise in an attempt to solicit personal information. For example, a person may re- ceive an e-mail that appears to be from the legitimate company eBay. Th e e-mail may even use the eBay artwork and logo. Th e contents of the e-mail requests the person’s personal information, such as a bank account PIN, credit card number, password, Social Security number, and anything else that can be used for identity theft. Another example is an e-mail that poses as a known and often accessed company, such as a credit card company. Th e e-mail states that a virus has compromised all user accounts and that the company must reconstruct all user account information. Th e e-mail contains a link to the company’s website. Th e e-mail recipient is told in the e-mail to go to the website and enter the requested information. When the e-mail recipient clicks the included link, he or she is directed to an illegal site created to look like the website of the legitimate company. However, the domain name of the illegal site is slightly diff erent than the domain name of the legitimate company. Th e bogus domain name goes undetected by the e-mail recipient because of slight changes in the characters. Notice in Figure 15-5 how similarly shaped characters and numbers have been substituted. Based on the examples in Figure 15-5, one can see how easy it can be to create a fi ctitious website designed solely for extracting personal data. Also, be aware that rolling the mouse over a website link embedded in the text of an e-mail created with HTTP can automatically take you to a site that resembles the website indicated in the link. Th e link can be easily programmed to direct a user to a diff erent website 4.4 NET 4.4 NET 4.4 NET 4.4 NET

Previous Page Next Page

Networking Fundamentals, 3rd Edition Page 452 (474 of 720)

Resources and Downloads

Help