CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide
covers Domain Name System (DNS)
DNS resolves host names to IP addresses.
Uniform Resource Locator (URL)
use Domain Name System Security Extensions (DNSSEC)
A pharming attack
tries to corrupt the DNS server or the DNS client.
An amplification attack is a type of DDoS attack. It typically uses a method that significantly increases the amount of traffic sent to, or requested from, a victim. As
Remember this: DNS poisoning attacks attempt to corrupt DNS data. Amplification attacks increase the amount of traffic sent to or requested from a victim and can be used against a wide variety of systems, including individual hosts, DNS servers, and NTP servers.
A brute force attack attempts to guess all possible character combinations.
Offline password attacks attempt to discover passwords from a captured database or captured packet scan.
A dictionary attack is one of the original password attacks. It uses a dictionary of words and attempts every word in the dictionary to see if it works.
Remember this: Brute force attacks attempt to guess passwords. Online attacks guess the password of an online system. Offline attacks guess the password stored within a file, such as a database. Dictionary attacks use a file of words and common passwords to guess a password. Account lockout policies help protect against brute force attacks and complex passwords thwart dictionary attacks.
A hash is simply a number created with a hashing algorithm such as Message Digest 5 (MD5) or Secure Hash Algorithm 3 (SHA-3).
In a pass the hash attack, the attacker discovers the hash of the user’s password and then uses it to log on to the system as the user.
A birthday attack is named after the birthday paradox in mathematical probability theory. The birthday paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday.
A hash collision occurs when the hashing algorithm creates the same hash from different passwords.
Rainbow table attacks are a type of attack that attempts to discover the password from the hash.
Remember this: Passwords are typically stored as hashes. A pass the hash attack attempts to use an intercepted hash to access an account. Salting adds random text to passwords before hashing them and thwarts many password attacks, including rainbow table attacks. A hash collision occurs when the hashing algorithm creates the same hash from different passwords. Birthday attacks exploit collisions in hashing algorithms.
A replay attack is one where an attacker replays data that was already part of a communication session.
Remember this: Replay attacks capture data in a session with the intent of later impersonating one of the parties in the session. Timestamps and sequence numbers are effective countermeasures against replay attacks.
An attacker can launch a known plaintext attack if he has samples of both the plaintext and the ciphertext. As
Typo squatting (also called URL hijacking) occurs when someone buys a domain name that is close to a legitimate domain name.
Clickjacking tricks users into clicking something other than what they think they’re clicking.
domain hijacking attack, an attacker changes the registration of a domain name without permission from the owner.
Remember this: Attackers purchase similar domain names in typo squatting (also called URL hijacking) attacks. Users visit the typo squatting domain when they enter the URL incorrectly with a common typo. In a session hijacking attack, the attacker utilizes the user’s session ID to impersonate the user. In a domain hijacking attack, an attacker changes the registration of a domain name without permission from the owner.
A man-in-the-browser is a type of proxy Trojan horse that infects vulnerable web browsers.
Shimming provides the solution that makes it appear that the older drivers are compatible.
Refactoring code is the process of rewriting the internal processing of the code, without changing its external behavior.
zero-day vulnerability is a weakness or bug that is unknown to trusted sources, such as operating system and antivirus vendors.
Remember this: Zero-day exploits are undocumented and unknown to the public. The vendor might know about it, but has not yet released a patch to address it.
A memory leak is a bug in a computer application that causes the application to consume more and more memory the longer it runs.
An integer overflow attack attempts to use or create a numeric value that is too big for an application to handle.
A buffer overflow occurs when an application receives more input, or different input, than it expects.
Remember this: Buffer overflows occur when an application receives more data than it can handle, or receives unexpected data that exposes system memory. Buffer overflow attacks often include NOP instructions (such as x90) followed by malicious code. When successful, the attack causes the system to execute the malicious code. Input validation helps prevent buffer overflow attacks.
Dynamic Link Library (DLL)
DLL injection is an attack that injects a DLL into a system’s memory and causes it to run.
Compiled code has been optimized by an application (called a compiler) and converted into an executable file.
Runtime code is code that is evaluated, interpreted, and executed when the code is run.
input validation. Input validation is the practice of checking data for validity before using it.
Remember this: The lack of input validation is one of the most common security issues on web-based applications. Input validation verifies the validity of inputted data before using it, and server-side validation is more secure than client-side validation. Input validation protects against many attacks, such as buffer overflow, SQL injection, command injection, and cross-site scripting attacks.
Error-handling and exception-handling routines ensure that an application can handle an error gracefully.
Remember this: Error and exception handling helps protect the integrity of the operating system and controls the errors shown to users. Applications should show generic error messages to users but log detailed information.
Obfuscation attempts to make something unclear or difficult to understand.
Remember this: Static code analysis examines the code without running it and dynamic analysis checks the code while it is running. Fuzzing techniques send random strings of data to applications looking for vulnerabilities. Stress testing verifies an application can handle a load. Sandboxing runs an application within an isolated environment to test it. Model verification ensures that the application meets all specifications and fulfills its intended purpose.
Remember this: SDLC models provide structure for software development projects. Waterfall uses multiple stages going from top to bottom, with each stage feeding the next stage. Agile is a flexible model that emphasizes interaction with all players in a project. Secure DevOps is an agile-aligned methodology that stresses security throughout the lifetime of the project.
Normalization of a database refers to organizing the tables and columns to reduce redundant data and improve overall database performance.
Remember this: Normalization is a process used to optimize databases. While there are several normal forms available, a database is considered normalized when it conforms to the first three normal forms.
Remember this: Attackers use SQL injection attacks to pass queries to back-end databases through web servers. Many SQL injection attacks use the phrase ' or '1'='1' -- to trick the database server into providing information.
Remember this: Cross-site scripting (XSS) attacks allow attackers to capture user information such as cookies. Input validation techniques at the server help prevent XSS attacks.
Remember this: Cross-site request forgery (XSRF) scripting causes users to perform actions on web sites, such as making purchases, without their knowledge. In some cases, it allows an attacker to steal cookies and harvest passwords.