GCIH GIAC Certified Incident Handler All-in-One Exam Guide

CHAPTER 7 Network Attacks

In this chapter you will learn about

• IP address spoofing

• Network traffic sniffing

• ARP and DNS cache poisoning

• SSL/TLS and SSH attacks

• Session hijacking

• Using tools like hping3, Ettercap, Bettercap, and Arpspoof

Attackers love capturing network traffic because it often gives them all they need to access resources. If no encryption is applied, account credentials, credit card information, Social Security numbers, and other sensitive data can be captured and give the attacker a very easy win. Sometimes that happens passively (just by intercepting traffic) or often actively (entailing some type of interaction with the network). ARP, DNS, and SSL attacks are very common, along with session hijacking, ...

Get GCIH GIAC Certified Incident Handler All-in-One Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

GCIH GIAC Certified Incident Handler All-in-One Exam Guide by Nick Mitropoulos

CHAPTER 7

Network Attacks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly