COMPTIA Security+ Tutorial: Module 03,Part 05 – TYPES OF WIRELESS ATTACKS

WIRELESS ATTACKS

Increase of cyber crime and wireless attacks have raised concern amongst everyone. Some of the types of Wireless Attacks are:

Rogue Access Point can open up the malicious users to access your information breaking the security.

Evil Twin is the fake access point that the malicious users will set up to allow unknown user to log on to the computer and capture information.

Interference is also called as Jamming. Intercepting of signal that denies the service.

War Driving with the gadgets to find the wireless network in the neighbourhood. As soon as they identify the network, they mark the areas and this is called as War Chalking.

Bluetooth Attacks gain unauthorized access through Bluetooth.

 

APPLICATIONS ATTACKS

Application attacks are set deliberately by the malicious actions tricking their way with direct requests that appear to be innocent.

Cross Site Scripting (XSS) attack occurs when a malicious user convinces the victim to run a malicious script through the web browsing. The malicious users will steal information.

Structured Query Language(SQL) is a language to query database. A malicious person is able to send a SQL code to execute on the database through a browsing session. They could change the product prices and steal information.

Next we look at the :

Lightweight Directory Protocol (LDAP) Injections: It is used to query directory and is based on the vulnerabilities in web applications. They work similar to the SQL attack. It is possible for a malicious person to get unauthorised access.

Extended Mark Up Language(XML) Injections: This has  a wide variety of uses. It injects malicious codes, retrieve and modify the data within the servers. It is important to monitor the traffic to prevent XML attacks.

Directory Traversal/Command Injection: Within the organization the server grant access to individual which should otherwise be locked down to prevent unauthorised users to draw information by injecting codes.

Buffer Over Flow: This is a form of attack with which malicious persons will redirect program execution flow to perform attack tasks by over filling the buffers.

ZERO DAY EXPLOITS

The terms ‘Zero Day Exploits’ define an attack which will have no solution as it happens for the first time. You should ensure security patches, configurations, servers and etc. is updated.It is a new type of an attack for which there is no developed security solution.