Chapter 10: Mitigating Common Attack Vectors

In this chapter, you will learn how to mitigate attack vectors that are commonly seen when standard computer communications protocols have been exploited. Once an attacker has gained access to your network, they will likely try to intercept communications and insert themselves in an attempt to gain a foothold. First, we will discuss different types of Adversary-in-the-Middle techniques and how they can be used to intercept communications, poison responses, capture user passwords, and relay authentication processes to access other systems. We will also discuss how network protocols such as mDNS, NetBIOS, LLMNR, WPAD, SMB, ARP, and IPv6 can be used to trick an unknowing victim into redirecting communications ...

Get Mastering Windows Security and Hardening - Second Edition now with the O’Reilly learning platform.