CEH Handbook Chapter 9 & 10 Sniffing and Social Engineering VOCAB ITN 261

Commitment

If someone commits to something, either in writing or orally, they are more inclined to follow through on that commitment.

Reciprocity

If you get one of these free samples, you may be inclined to feel like you should buy the product in response.

Liking

If you like someone, you may be more easily swayed by what they think or do.

Social Proof

If you see someone else doing something, such as using a product, you will see that it is acceptable to do that. You may therefore be more willing to try the product, or whatever it is you've seen.

Authority

In general, people are inclined to follow authority figures and do what they say or ask.

SSLStrip

Is a a non-transparent proxy simply rewrites all https:// links from the web server going back to the browser as http:// links, essentially stripping SSL from the interaction.

ARP Spoofing

More commonly known as ARP poisoning, this involves the MAC (Media Access Control) address of the data being faked.

Site Cloning

Site cloning is an incredibly easy thing to do. In fact, you don't even need to clone the entire site. You just need the HTML code that makes rendering the page possible. WinHTTrack is tool for this.

Scarcity

The lack of availability of these products increases their perceived value.

mdk3/4

This is a tool that can be used to perform beacon flooding, authentication denial-of-service attacks, and deauthentication attacks, along with other tests.

Pretexting

a form of social engineering in which one individual lies to obtain confidential data about another individual

DNS Spoofing

the DNS server is given information about a name server that it thinks is legit when it isn't

Packet capturing

the process of acquiring network traffic that is addressed to systems other than your own.

A good wireless attacking toolkit

wifiphisher