CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – More Protocols
March 10, 2010 · Posted in Don's eBook Report, Information Security, Information Systems, Information Technology · Comment
Host-to-Host Transport Layer Protocols
TCP – Transmission Control Protocol
- Connection oriented
- Sequenced packets
- Acknowledgement is sent back for received packets
- If no acknowledgement then packet is resent
- Packets are re-sequenced
- Manageable data flow is maintained
Note: TCP and UDP use dynamic port numbers greater than 1023
CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Session Hijacking
In computer science, session hijacking refers to the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer (see HTTP cookie theft).
TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine. Read more
Join Me On Facebook
Business Tech Press Releases- Akamon Launches its First Game on Facebook: Chinchón February 7, 2012
- AutoTrader.com Makes It Easier for Dealers to Use Co-op Funds for New Car Advertising Online February 7, 2012
- Populis steigt in den brasilianischen Online-Markt ein February 7, 2012
- Broadridge Selected by Bloomberg Tradebook for New Self-Clearing Model February 7, 2012
- Concur to Present at the Goldman Sachs Technology & Internet Conference 2012 February 7, 2012
- From the National Vulnerability Database
- CVE-2011-4872 (desire_hd, desire_s, droid_incredible, evo_3d, evo_4g, glacier, sensation_4g, sen...) February 4, 2012Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid Incredible FRF91, Thunderbolt 4G FRG83D, Sensation Z710e GRI40, Sensation 4G GRI40, Desire S GRI40, EVO 3D GRI40, and EVO 4G GRI40 allow remote attackers to obtain 802.1X Wi-Fi credentials and SSID via a crafted application that uses the android.permission.ACCESS_WIFI_STA […]nvd@nist.gov
- CVE-2011-4512 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012CRLF injection vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary HTTP headers and conduct HT […]nvd@nist.gov
- CVE-2011-4879 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not properly handle URIs beginning with a 0xfa character, which allows remote attac […]nvd@nist.gov
- CVE-2011-4514 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012The TELNET daemon in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime does not perform authentication, which makes it easier for remote attackers to obtain access via a TCP session. […]nvd@nist.gov
- CVE-2011-4510 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or H […]nvd@nist.gov
- CVE-2011-4878 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Directory traversal vulnerability in miniweb.exe in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to read arbitrary files via […]nvd@nist.gov
- CVE-2011-4877 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to cause a denial of service (application crash) by sending crafted […]nvd@nist.gov
- CVE-2011-4513 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allow user-assisted remote attackers to execute arbitrary code via a crafted project file, related to the HMI web server and runtime loader. […]nvd@nist.gov
- CVE-2011-4876 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Directory traversal vulnerability in HmiLoad in the runtime loader in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime, when Transfer Mode is enabled, allows remote attackers to execute, read, create, modi […]nvd@nist.gov
- CVE-2011-4511 (wincc_flexible, simatic_hmi_panels, wincc_runtime_advanced, wincc_flexible_runtime) February 2, 2012Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtime allows remote attackers to inject arbitrary web script or H […]nvd@nist.gov
- CVE-2011-4872 (desire_hd, desire_s, droid_incredible, evo_3d, evo_4g, glacier, sensation_4g, sen...) February 4, 2012