CHAPTER 7

Network Attacks

In this chapter you will learn about

•   IP address spoofing

•   Network traffic sniffing

•   ARP and DNS cache poisoning

•   SSL/TLS and SSH attacks

•   Session hijacking

•   Using tools like hping3, Ettercap, Bettercap, and Arpspoof

Attackers love capturing network traffic because it often gives them all they need to access resources. If no encryption is applied, account credentials, credit card information, Social Security numbers, and other sensitive data can be captured and give the attacker a very easy win. Sometimes that happens passively (just by intercepting traffic) or often actively (entailing some type of interaction with the network). ARP, DNS, and SSL attacks are very common, along with session hijacking, ...

Get GCIH GIAC Certified Incident Handler All-in-One Exam Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.