How does a reflected attack work?
A reflected attack uses responses from legitimate services to flood a victim. The attacker sends spoofed requests to existing legitimate servers (Step 1). Servers then send all responses to the victim (Step 2). There is no redirection of traffic.
Learn More :
Corporate Computer Security
- How do wireless IDSs get their data?
- What is the purpose of a wireless IDS?
- How long must passphrases be for adequate security?
- How are PSK/personal keys generated?
- Why is using a shared initial key not dangerous?
- How do users in this mode authenticate themselves to the access point?
- What mode was created for homes or very small businesses with a single access point?
- Despite its security weaknesses, why do many companies continue to use WPA instead of 802.11i?
- What does the Wi-Fi Alliance call 802.11i?
- Compare WPA and 802.11i security.
- What prompted the Wi-Fi Alliance to create WPA?
- Should corporations today use WEP for security today?
- How long may WEP take to crack today?
- What mistake did the 802.11 Working Group make in selecting the length of the IV?
- What per-frame key does a WEP computer or access point use to encrypt when it transmits?
- Why are permanent shared keys undesirable?
- What encryption algorithm does it use?
- What was the first core wireless security standard?
- Is 802.11i security strong? Explain.
- Distinguish between their options for inner authentication.
- What two extended EAP protocols are popular today?
- What authentication method or methods does outer authentication use?
- For 802.11i, distinguish between outer and inner authentication.
- What standard did the 802.3 Working Group create to extend 802.1X operation to WLANs with security for EAP?
- Why is it impossible to extend 802.1X operation using EAP directly to WLANs?