Man-in-the-Middle n Attacker impersonates server ¨ Credentials n and private information can be captured SSL ¨A warning is generated but, who reads them? Sends requests to ATTACKER Sends VICTIM req to SERVER
SYN Flooding n Keeps many TCP connections in the HALF-OPEN state ¨ Resource starvation SYN | port 80 SYN | ACK | ISN# 2222 ACK #2222 | port 80 | data ACK #bbbb| data SESSION SEQ# 23012: 80 2222 12392: 25 2223 12493: 80 2224 … …
DISTRIBUTED DENIAL OF SERVICE n Totally consumes the target network’s bandwidth ¨ Resource n starvation Hard to trace ¨ Attackers use compromised machines to launch attack
Други видове мамене DHCP Spoofing n DNS Spoofing n IP Address Spoofing n E-mail spoofing n