An attack that sends multiple packets to a switch, each of which has a different source MAC address, in an attempt to use up all of the menory on hte switch
When a switch broadcasts data on all ports the same way a hub does.
The Content Addressable Memory table, a table that is in a switch's memory that contains ports and their corresponding MAC addresses.
Network Address Translation (NAT)
Allows multiple private IP address to share one public IP address.
When a single private IP address translates to a single public IP address. AKA one-to-one mapping.
Port Address Translation (PAT)
Like NAT but it translates both IP addresses and port numbers.
Demilitarized Zone (DMZ)
A special area of the network that houses servers that host information accessed by clients or other networks on the Internet
A type of DMZ where a firewall has three legs that connect to the LAN,Internet and the DMZ.
A type of DMZ where the DMZ is located between the LAN and the Internet.
Network Access Control (NAC)
Sets the rules by which connections to a network are governed.
A way of offering on-demand services that extend the capabilities of a persons computer or an organizations network.
Software-as a Service (Saas)
A cloud computing service where users access applications over the Internet that are provided by a third party.
Infrastructure as a Service (IaaS)
A cloud computing service that offers computer networking, storage, load balancing, routing, and VM hosting.
Platform as a Service (PaaS)
Cloud computing service that provides various software solutions to organizations.
Gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another.
Scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to networks.
TCP Reset Attack
Sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately.
Denies all traffic to a resource unless the users generating that traffic are granted access to that traffic.
When a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access.
A form of eavesdropping that intercepts all data between a client and a server.
Cross-Site Scripting (XSS)
A type of vulnerability found in web applications used with session hijacking.
Denial of Service (DoS)
A network attack to make computer resorces unavailable.
AKA- ICMP flood attack, an attacker sends many packets (pings) to a host in an attempt to use up all bandwidth.
A type of Denial of Service (DoS) attack that sends large amounts of ICMP (Internet Control Message Protocol) echoes. The header of the ICMP echo will have a spoofed IP address which is the target of the Smurf attack.
Similiar to the Smurf attack, but it sends UDP echo traffic instead of ICMP echo traffic.
Permanent DoS Attack (PDoS)
Consists of an attacker exploiting secuirity flaws in a router by flashing the firmware of the device with modified firmware.
Ping of Death (POD)
Type of DoS that sends an oversized packet to another computer.
An attack that creates a large number of processes quickly to saturate the available processing space in the computers OS.
A type of DoS where large amounts of SYN request packets are sent to a server in an attempt to deny service.
Type of DoS that sends mangled IP fragments with overlapping and oversized payloads to the target machine.
Distibuted Denial of Attack (DDoS)
A group of comprismed systems attack a single target, causing a DoS to occur at that host.
When someone masquerades as another person by falsifying information.
Proccess of attempting to acquire sesitive information such as usernames, passwords and credit card information. This is done by using fake website links sent by e-mail.
An attack in which valid data transmission is maliciously or fraudulently repeated or delayed.
Random number issued by an authentication protocol that can only be used once.
Used by an attacker, a malicious connection to the Windows interprocess communications share (IPC$)
Domain Name Kiting
Process of deleting a domain name during the five-day grace period and immediately reregistering it for another five-day period to keep the domain name for free.
The modification of name resolution information that should be in a DNS servers cache.
The redirect of a website traffic to another bogus and possibly malicious website by modifying a DNS server or host files.
Exploits Ethernet networks, and it may enable an attacker to sniff frames of information modify that information or stop it from getting to its intended destination.
UDP Flood Attack
Similiar to Fraggle, it uses UDP. Atackers like it because it does not require synchronization process.