Task 27-Attack Surface Reduction | Threats are failing all around me-Advent of Cyber 2022 [Day 22]-Answers Write-up and Walkthrough
An attack vector is a tool, technique, or method used to attack a computer system or network. If we map the attack vectors to the physical world, attack vectors would be the weapons an adversary uses, like, swords, arrows, hammers, etc. A non-exhaustive list of examples of attack vectors in cybersecurity includes the following:
Phishing emails; Deceptive emails that are often impersonating someone and asking the victim to perform an action that compromises their security.
Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks; Sending so many requests to a website or web application that it reaches its limits and can no longer serve legitimate requests.
Web drive-by attacks; Flaws in web browsers that compromise the security of the victim by merely visiting a website.
Unpatched Vulnerability exploitation; A flaw in the internet-facing infrastructure, such as the web server or the network interface, that is exploited to take control of the infrastructure.
The attack surface is the surface area of the victim of an attack that can be impacted by an attack vector and cause damage. Taking forward our example of the physical world, the attack surface will include the unarmoured body of a soldier, which an attack of a sword, an arrow, or a hammer, etc., can damage. In cybersecurity, the attack surface will generally contain the following:
An email server that is used for sending and receiving emails.
An internet-facing web server that serves a website to visitors.
End-user machines that people use to connect to the network.
Humans can be manipulated and tricked into giving control of the network to an attacker through social engineering.
Follow the instructions in the attached static site to help McSkidy reduce her attack surface against attacks from the Yeti. Use the flag as an answer to complete the task.
Ans: THM{4TT4CK SURF4C3 R3DUC3D}
Thank you for Reading!!
Happy Hacking ~
THM , TryHackMe , TryHackMe Advent of Cyber 2022 , TryHackMe Advent of Cyber 4 Day 22, Ethical Hacking , Write up , Walk through , TryHackMe Advent of Cyber 2022 Day 22 Answers