Questions and Answers
What is the primary purpose of reconnaissance attacks?
Which of the following tools is commonly used in reconnaissance attacks?
In which stage do reconnaissance attacks typically occur?
Which of the following best describes a ping sweep in reconnaissance?
Signup and view all the answers
What is the first step taken by intruders when conducting a reconnaissance attack?
Signup and view all the answers
Which attack type directly involves mapping of systems and identification of potential vulnerabilities?
Signup and view all the answers
What is the primary function of a packet sniffer?
Signup and view all the answers
Which technique involves sending ICMP echo requests to determine live hosts?
Signup and view all the answers
What is a port scan used for?
Signup and view all the answers
What type of information can Internet information queries reveal?
Signup and view all the answers
Which of the following is NOT a typical function of a packet sniffer?
Signup and view all the answers
Which well-known port number is associated with HTTP services?
Signup and view all the answers
How can social engineering be characterized?
Signup and view all the answers
What role does the ICMP protocol play in a ping sweep?
Signup and view all the answers
Study Notes
Types of Network Attacks
- Three major categories: Reconnaissance Attacks, Access Attacks, Denial of Service (DoS) Attacks.
Reconnaissance Attacks
- Also known as information gathering; involves unauthorized discovery and mapping of systems and vulnerabilities.
- Acts as a precursor to Access or DoS attacks.
- Similar to a thief surveying a neighborhood for weak targets.
Phases of Reconnaissance Attacks
- Initial step: Conducting a ping sweep to identify active IP addresses within a network.
- Next: Assessing available services and ports on the identified IP addresses.
- Further inquiry: Querying identified ports for application and OS type and version.
- Final phase: Searching for vulnerable services that can be exploited.
Tools Used in Reconnaissance Attacks
- Packet Sniffers: Capture all network packets in promiscuous mode; can intercept unencrypted traffic. Commonly known example: Wireshark.
- Ping Sweeps: Scanning technique using ICMP requests to check which hosts are live; responses indicate active devices.
- Port Scans: Involves scanning TCP/UDP port ranges to identify listening services; responds if a port is in use.
- Internet Information Queries: Utilize databases like Whois for information on domain ownership and associated IP addresses.
Internet Information Queries
- Whois database acts like the “white pages” of the Internet, detailing contact information for domain registration, including:
- Technical, administrative, and billing contacts.
- Associated phone numbers, email addresses, and Domain Name Servers (DNS).
- Domain registration populates the Whois database; accessible to all Internet users.
Low-technology Reconnaissance
- Social Engineering: Involves manipulating individuals (e.g., via phone) to divulge sensitive information, such as passwords.
- Attackers can successfully retrieve sensitive data through clever deception.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
This quiz explores the three major categories of network attacks: Reconnaissance Attacks, Access Attacks, and Denial of Service (DoS) Attacks. Dive into the phases of reconnaissance and the tools commonly used, such as packet sniffers and ping sweeps. Test your knowledge on how these attacks identify vulnerabilities in systems.
