[CCCure CISSP] Known Passive and Active Attacks

[CCCure CISSP] Known Passive and Active Attacks

aditya
Hello Friends,

Could anyone please give me a list of the known passive attacks and active attacks for attacks like data diddling, shoulder surfing, scavenging, sniffing etc. Different sources have different views so just wanted to find the exact information.

Thanks

--
Regards
Aditya Balapure


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your account visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Re: [CCCure CISSP] Known Passive and Active Attacks

Richard Rieben
These are well-discussed in AIOv5 on pages 903 through 907 and it covers less traditional attacks such as:

Data Diddling
Excessive Privileges
Password Sniffing
IP Spoofing
Dumpster Diving
Emanations Capturing
Wiretapping

I don't have the OIG on-hand, but the list above is a good start.

R-
 
* * * * * * * *
Richard Rieben, CISSP, PMP, FITSP-M
http://www.linkedin.com/in/rrieben
* * * * * * * *


From: aditya <[hidden email]>
To: The CISSP Study Mailing list <[hidden email]>
Sent: Monday, January 7, 2013 2:23 PM
Subject: [CCCure CISSP] Known Passive and Active Attacks

Hello Friends,

Could anyone please give me a list of the known passive attacks and active attacks for attacks like data diddling, shoulder surfing, scavenging, sniffing etc. Different sources have different views so just wanted to find the exact information.

Thanks

--
Regards
Aditya Balapure


Re: [CCCure CISSP] Known Passive and Active Attacks

clementdupuis
Administrator
In reply to this post by aditya
Good day Aditya,

A passive attack is simply an attack where you do not interact or send packets to your target. Using a sniffer would be an example of a passive attack, gathering information from public databases would be another one, etc.

An active attack is one where you are stimulating your target by sending packets/code to see what response and information you can gather. Scanning, vulnerability scanning, injection of code, would all be active attacks.

The list of attacks could be very long of course.

It would be like saying there are gas powered and diesel cars. Which one falls into each of the categories?

There are many types of attacks listed within the 10 domains and you have to be familiar with the common ones such as lack of input filtering, SQL injection, code injection, buffer overflow, etc...

Best regards

Clement


Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
Re: [CCCure CISSP] Known Passive and Active Attacks

clementdupuis
Administrator
In reply to this post by Richard Rieben
Good day Richard,

Thanks for pointing us in the right direction.

The ISC2 book also talks about testing methodologies. 

Penetration Test Methodology:
A methodology is an established collection of processes that are performed in a predetermined order to ensure the job, function, or, in this case, security test is accurately executed. There are many ways of performing a penetration test, perhaps as many as there are testers.

However, there is a basic and logical methodology that has become best practice for performing such tests:

Reconnaissance/discovery: Identify and document information about the target.
Enumeration: Gain more information with intrusive methods.
Vulnerability analysis: Map the environment profile to known vulnerabilities.
Execution: Attempt to gain user and privileged access.
Document findings: Document the results of the test.

Step 1—Reconnaissance: As is the case with most military and espionage campaigns, penetration tests typically begin with a reconnaissance phase. Reconnaissance is the search for any available information on the target to assist in planning or executing the test. The search can include quick ping sweeps to see what IP addresses on a network will respond, scouring news groups on the Internet in search of disgruntled employees divulging useful information, or rummaging through the trash to find inside information on the business or the technical environment (also known as dumpster diving.) The ultimate goal of the reconnaissance phase is to gather as much information on the target as possible. This may include physical and virtual layouts, building and network topography, organizational strengths and weaknesses, operational patterns, technology in use, and practically anything else the tester may think will be useful in the coming attack. Reconnaissance can also include theft, lying to people, monitoring networks, impersonations, or even leveraging falsified friendships to collect data about a target. The search for information is only limited by the extremes to which a company and the tester are willing to go. The rule of thumb in the reconnaissance phase is that no piece of information is too small to be useful.

Step 2—Enumeration: Also known as network or vulnerability discovery, enumeration is the process of obtaining information directly from the target systems, applications, and networks. An interesting point to understand is that the enumeration phase represents a point within the penetration testing project where the line between a passive attack and an active attack begins to blur. At this point the tester is not just gathering information any more; he or she is sending network probes or otherwise communicating with systems and network devices in order to gather more information. Some of these devices may be fragile or susceptible to even the slightest nudge from the tester. When setting up the test parameters, the enumeration phase should be thoroughly reviewed with the operations, support, and security teams to ensure there are no surprise alerts generated as a result of the test. To build an accurate picture of a company's environment, there are several tools and techniques available to compile a list of information obtained from the systems. Most notably, port scanning is the most common and easily executed basic test to start with. A port scan is the manipulation of the basic communication setup between two networked systems to determine what services are being offered on the target system. Collecting information about available systems and services is the first step in formulating an attack plan. From here, the tester can build on the information found during the reconnaissance phase and define a path to attempt to compromise the system.

Step 3—Vulnerability Analysis: The information gathered by the reconnaissance and enumeration phases will yield a great deal of valuable information about the target environment. The next step is to analyze that data to determine potential vulnerabilities that may be exploited to successfully attack the target. This calls for a logical and pragmatic approach to analyzing data. During the enumeration phase, the tester performs an interpretation of the information collected (or provided), looking for relationships between systems, networks, and applications that may lead to exposures that can be exploited. The vulnerability analysis phase is a practical process of comparing the information collected with known vulnerabilities. Most information about potential vulnerabilities can be collected from openly available sources, such as the Internet, public Web sites, hacker periodicals and mailing lists, news groups, vendor bug and patch data, and even the personal experience of the tester. These can be used to analyze information gleaned from the target to seek options for exploitation. All this information, properly analyzed, can be used to formulate a successful attack.

Because each organization and environment is different, the tester (and the attacker) must analyze the information carefully to identify potential avenues of attack that will work against that potential environment. The use of easily-obtained reconnaissance and analysis tools can help this effort a great deal. Such tools will systematically explore and analyze multiple categories of potential vulnerabilities, such as Web exploits, data handling exploits, buffer overflows, misconfigured systems, trust relationships, authentication errors, even missing patches or system updates. The analysis of potential vulnerabilities is critical, as it will pinpoint precise areas of weakness in the environment and optimize the tester's time when attempting to penetrate a system.

Step 4—Execution: A great deal of planning and evaluation are performed during the earlier testing phases to ensure that the test focuses on the areas of greatest vulnerability and criticality, ensuring ultimately that core business systems can be better protected. Of course, all of this planning must lead to the actual execution of some form of attack scenarios. Exploiting systems and applications can be as easy as running an automated tool or as intricate as manually executing specific steps to get a desired result. No matter the level of difficulty of the test, good testers follow a specific pattern during the exploitation phase of a test to ensure consistent and successful results.

Corporate; (Isc)² (2010-04-20). Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press) (Kindle Locations 2392-2402). Taylor & Francis. Kindle Edition.

Corporate; (Isc)² (2010-04-20). Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press) (Kindle Locations 2384-2392). Taylor & Francis. Kindle Edition.

Corporate; (Isc)² (2010-04-20). Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press) (Kindle Locations 2369-2383). Taylor & Francis. Kindle Edition.

Corporate; (Isc)² (2010-04-20). Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press) (Kindle Location 2375). Taylor & Francis. Kindle Edition.

Corporate; (Isc)² (2010-04-20). Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press) (Kindle Locations 2357-2369). Taylor & Francis. Kindle Edition.
Clement Dupuis, CD

Best regards

Clement


On Mon, Jan 7, 2013 at 2:48 PM, Richard Rieben <[hidden email]> wrote:
These are well-discussed in AIOv5 on pages 903 through 907 and it covers less traditional attacks such as:

Data Diddling
Excessive Privileges
Password Sniffing
IP Spoofing
Dumpster Diving
Emanations Capturing
Wiretapping

I don't have the OIG on-hand, but the list above is a good start.

R-
 
* * * * * * * *
Richard Rieben, CISSP, PMP, FITSP-M
* * * * * * * *


Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
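
The post above notes that enumeration is where a test turns active: probes such as port scans reach the target and can raise alerts, whereas a passive sniffer sends nothing for the target to log. As an added example (not part of the thread or of the quoted book), the Python below flags port-sweep activity in a constructed connection log; the log format, the documentation-range IP addresses and the thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP, destination IP, destination port.
SAMPLE_LOG = """\
2013-01-07T14:00:01 198.51.100.7 192.0.2.10 21
2013-01-07T14:00:01 198.51.100.7 192.0.2.10 22
2013-01-07T14:00:02 198.51.100.7 192.0.2.10 23
2013-01-07T14:00:02 198.51.100.7 192.0.2.10 25
2013-01-07T14:00:03 198.51.100.7 192.0.2.10 80
2013-01-07T14:00:03 198.51.100.7 192.0.2.10 443
this line is malformed and is skipped
2013-01-07T14:00:05 203.0.113.20 192.0.2.10 443
2013-01-07T14:02:10 203.0.113.20 192.0.2.10 443
2013-01-07T14:05:00 203.0.113.20 192.0.2.10 80
"""

def parse(log_text):
    """Yield (time, src, dst, port) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield (datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3]))
        except ValueError:
            continue

def find_port_sweeps(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Return {(src, dst): ports} for each source that touched at least
    min_ports distinct ports on one destination inside the time window."""
    events = defaultdict(list)
    for ts, src, dst, port in parse(log_text):
        events[(src, dst)].append((ts, port))
    flagged = {}
    for pair, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the left edge forward until the span fits the window.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[pair] = sorted(ports)  # ports seen when the threshold tripped
                break
    return flagged

if __name__ == "__main__":
    for (src, dst), ports in find_port_sweeps(SAMPLE_LOG).items():
        print(f"possible enumeration: {src} -> {dst} ports {ports}")
```

The second source in the sample makes three ordinary connections spread over five minutes and is not flagged; only the burst across many ports in a few seconds trips the threshold.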
Re: [CCCure CISSP] Known Passive and Active Attacks

clementdupuis
Administrator
In reply to this post by Richard Rieben
The explanations are also in the Sixth Edition of the AIO book from Shon.

NOTE: A passive attack is nonintrusive, as in eavesdropping or wiretapping. An active attack, on the other hand, is intrusive, as in DoS or penetration attacks.


Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations 21649-21650). McGraw-Hill. Kindle Edition.

Best regards

Clement


Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
Re: [CCCure CISSP] Known Passive and Active Attacks

aditya
Thanks all

On Tue, Jan 8, 2013 at 1:45 AM, Clement Dupuis <[hidden email]> wrote:
The explanations are also in the Sixth Edition of the AIO book from Shon.

NOTE: A passive attack is nonintrusive, as in eavesdropping or wiretapping. An active attack, on the other hand, is intrusive, as in DoS or penetration attacks.


Harris, Shon (2012-10-25). CISSP All-in-One Exam Guide, 6th Edition (Kindle Locations 21649-21650). McGraw-Hill. Kindle Edition.

Best regards

Clement


--
Regards
Aditya Balapure

