Attacks summary
Layer 1: Physical Layer
- Tap Attack: Unauthorized physical access to network cables or ports to intercept data, exploiting unsecured physical network infrastructure.
- RF Jamming: Deliberately sending radio frequency signals to disrupt wireless network communications, exploiting the shared nature of the wireless medium.
- Physical Destruction: Damaging or destroying physical components of a network (e.g., routers, switches, cabling), exploiting the physical vulnerability of network hardware.
Layer 2: Data Link Layer
- ARP Spoofing: Attacker sends fake ARP (Address Resolution Protocol) messages to link their MAC address with the IP address of another host, exploiting the lack of authentication in the ARP protocol.
- MAC Flooding: Overwhelming the switch's MAC table by flooding the network with frames with unique MAC addresses, exploiting the limited size of MAC address tables in switches.
- VLAN Hopping: Exploiting switch misconfigurations to send traffic from one VLAN to another unauthorized VLAN.
Layer 3: Network Layer
- IP Spoofing: Creating IP packets with a forged source IP address to conceal the sender's identity or impersonate another computing system, exploiting the lack of authentication in the IP protocol.
- Routing Attack: Compromising network routers to disrupt or reroute network traffic, exploiting vulnerabilities in routing protocols.
- Ping of Death: Sending malformed or oversized packets to crash, freeze, or reboot the target machine, exploiting the handling of fragmented packets.
Layer 4: Transport Layer
- SYN Flood: Overloading a server by initiating a large number of TCP connections but not completing the handshake, exploiting the TCP three-way handshake.
- Session Hijacking: Taking over a web user's session by stealing or predicting a valid session token, exploiting the stateful nature of TCP connections.
- UDP Flood: Flooding the target with UDP packets, leading to denial of service, exploiting the stateless nature of UDP.
Layer 5: Session Layer
- Man-in-the-Middle Attack: Intercepting communication between two parties and possibly altering the communication, exploiting unencrypted session establishment.
- Session Fixation: An attacker fixes a user's session ID before the user logs in, then hijacks the user's authenticated session, exploiting vulnerable session management.
- Cross-Site Request Forgery (CSRF): Tricking a victim's browser into sending unauthorized commands to a website, exploiting the website's trust in the user's browser.
Layer 6: Presentation Layer
- SSL Stripping: Downgrading a secure HTTPS connection to an unsecured HTTP connection, exploiting the client's ability to handle multiple types of connections.
- Compression Ratio Info-leak Made Easy (CRIME): Exploiting the compression mechanism of SSL/TLS to extract secret data, particularly cookies.
- Character Encoding Attacks: Manipulating character encoding to bypass input validation checks, exploiting weaknesses in data representation and encoding.
Layer 7: Application Layer
- SQL Injection: Inserting or "injecting" a SQL query via input data from the client to the application, exploiting poor input validation.
- Cross-Site Scripting (XSS): Injecting malicious scripts into web pages viewed by other users, exploiting the trust a user has for a particular site.
- DNS Hijacking: Redirecting queries to a fraudulent domain name server, leading users to malicious websites, exploiting vulnerabilities in DNS services.