Page 1051 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

Password: IP@$$edCi$$P. If you look at the first packet in the top pane (packet number 250), you can see that the name of the opened file is CISSP Secrets.txt.

The following techniques can prevent successful sniffing attacks:

    Encrypt all sensitive data (including passwords) sent over a network. Attackers cannot easily read encrypted data with a sniffer. For example, Kerberos encrypts tickets to prevent attacks, and attackers cannot easily read the contents of these tickets with a sniffer.

    Use onetime passwords when encryption is not possible or feasible. Onetime passwords prevent the success of sniffing attacks, because they are used only once. Even if an attacker captures a onetime password, the attacker is not able to use it.

    Protect network devices with physical security. Controlling physical access to routers and switches prevents attackers from installing sniffers on these devices.

    Monitor the network for signatures from sniffers. Intrusion detection systems can monitor the network for sniffers and will raise an alert when they detect a sniffer on the network.
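The onetime-password point above, shown as an added example that is not from the study guide: a minimal HOTP (RFC 4226) verifier whose server-side counter advances after each accepted value, so a password captured by a sniffer is refused when it is replayed. The shared secret is the RFC 4226 test-vector key and the scenario is constructed for the demo.

```python
"""Added example: why a captured one-time password cannot be reused.
HOTP per RFC 4226 plus a server that refuses any counter it has already
accepted.  Secret and scenario are constructed for demonstration only."""
import hmac
import hashlib
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value: HMAC-SHA1 over the 8-byte big-endian counter, dynamically
    truncated to a 31-bit integer, then reduced to `digits` decimal digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


class OtpVerifier:
    """Server side: keeps the shared secret and the last accepted counter.
    A small look-ahead window tolerates a client that is a few steps ahead,
    but any counter at or below the last accepted one is never tried again,
    which is what defeats replay of a sniffed value."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.last_counter = -1
        self.window = window

    def verify(self, candidate: str) -> bool:
        start = self.last_counter + 1
        for c in range(start, start + self.window):
            if hmac.compare_digest(hotp(self.secret, c), candidate):
                self.last_counter = c  # advance: this value is now burned
                return True
        return False


def replay_demo() -> dict:
    """Constructed scenario: the user logs in once while a sniffer captures the
    value on the wire; the same value is then presented a second time."""
    secret = b"12345678901234567890"  # RFC 4226 test-vector key (demo only)
    server = OtpVerifier(secret)
    captured = hotp(secret, 0)          # what the sniffer saw on the wire
    first = server.verify(captured)     # legitimate login: accepted
    replay = server.verify(captured)    # replay of the captured value: refused
    return {"captured": captured, "legit_login": first, "replay_login": replay}
```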


Spoofing Attacks

Spoofing (also known as masquerading) is pretending to be something, or someone, else. There is a wide variety of spoofing attacks. As an example, an attacker can use someone else's credentials to enter a building or access an IT system. Some applications spoof legitimate logon screens. One attack brought up a logon screen that looked exactly like the operating system logon screen. When the user entered credentials, the fake application captured the user's credentials and the attacker used them later. Some phishing attacks (described later in this section) mimic this with bogus websites.

In an IP spoofing attack, attackers replace a valid source IP address with a false one to hide their identity or to impersonate a trusted system. Other types of spoofing used in access control attacks include email spoofing and phone number spoofing.