Use MaCof to flood ARP cache
polymorphic shellcode encrypts shellcode by XOR values over shellcode, using loader code to decrypt shellcode and then execute
Recon Scan Access Maintain Clear
Cavity Virus install itself in file it is infecting
Boot Sector Virus MBR takes control when computer boots
Sparse Sector Virus Virus activates rarely
Spear Phishing will appear from someone trustworthy
traceroute manipulate value of TTL to elicit a time exceeded message in transit message
DHCP starvation Attack-broadcasts DHCP requests with spoofed MACs--(Gobbler). Stop by using "Enable DHCP snooping" on switch.
Session
Fixation Attack Weakness of web application. Induces attacker to
authenticate to a site and then attacks user validated session.
Protections against flooding: Syn Cookies, RST Cookies, Stack Tweeking, Micro Blocks
SPAN ports is a switch mechanism that ensure that copies of all traffic go through one port.
Session Splicing - Characterized is continuous stream of small packets
Hping2 packet crafting tools
Hping3 scripting language tools
Auditpol.exe /disable stops auditing
Disable Apache File Extensions mod_negotiation
RSA encryption p & q factorization
Windows wil not generate ICMP Echo Replies for broadcast ICMP
SQL injection --ever question deals with a single quote ' or the unicode %27 which is a single quote
Example enter Chicago'; drop table OrderTables--
Cross
Site Scripting--Every questions deals with either