1
00:00:00,370 --> 00:00:01,900
Replay attacks.

2
00:00:01,900 --> 00:00:04,300
A replay attack is a network-based attack

3
00:00:04,300 --> 00:00:06,710
where valid data transmissions are fraudulently

4
00:00:06,710 --> 00:00:10,170
or maliciously re-broadcast, repeated, or delayed.

5
00:00:10,170 --> 00:00:12,280
This works a lot like a session hijack

6
00:00:12,280 --> 00:00:13,661
but it's a little bit different.

7
00:00:13,661 --> 00:00:15,130
With a session hijack,

8
00:00:15,130 --> 00:00:17,070
the attacker is trying to modify the information

9
00:00:17,070 --> 00:00:19,660
being sent and received at real time,

10
00:00:19,660 --> 00:00:20,861
but with a replay attack,

11
00:00:20,861 --> 00:00:22,560
we're simply trying to intercept it,

12
00:00:22,560 --> 00:00:24,460
analyze it, and decide whether or not to let it

13
00:00:24,460 --> 00:00:26,350
be passed on later again.

14
00:00:26,350 --> 00:00:28,260
Now, for example, if I were able to capture

15
00:00:28,260 --> 00:00:29,650
the session that occurs when you went in

16
00:00:29,650 --> 00:00:32,110
to log into your bank with your username and password,

17
00:00:32,110 --> 00:00:33,430
I could then replay that session

18
00:00:33,430 --> 00:00:35,359
to the bank later on in an attempt to log in as you.

19
00:00:35,359 --> 00:00:37,920
That's the idea of a replay attack.

20
00:00:37,920 --> 00:00:39,770
Now, to combat a replay attack,

21
00:00:39,770 --> 00:00:41,730
you should ensure that websites and devices

22
00:00:41,730 --> 00:00:44,250
are using session tokens to uniquely identify

23
00:00:44,250 --> 00:00:46,690
when an authentication session is occurring.

24
00:00:46,690 --> 00:00:49,120
Also, if you use multi-factor authentication,

25
00:00:49,120 --> 00:00:51,190
this can help prevent the ability of a log on session

26
00:00:51,190 --> 00:00:53,980
to be replayed because it doesn't have that token

27
00:00:53,980 --> 00:00:56,370
that has that random data that's changed every 30

28
00:00:56,370 --> 00:00:58,010
to 60 seconds if you're using something

29
00:00:58,010 --> 00:00:59,730
like a one-time use password

30
00:00:59,730 --> 00:01:02,200
as part of your multi-factor authentication.

31
00:01:02,200 --> 00:01:03,990
One place where replay attacks have been used

32
00:01:03,990 --> 00:01:05,310
quite successfully, though,

33
00:01:05,310 --> 00:01:07,800
is in the world of wireless authentication.

34
00:01:07,800 --> 00:01:10,670
By capturing a device's handshake onto the wireless network,

35
00:01:10,670 --> 00:01:11,680
you can replay it later

36
00:01:11,680 --> 00:01:13,133
to gain access to that network yourself

37
00:01:13,133 --> 00:01:14,890
as if you were them.

38
00:01:14,890 --> 00:01:17,320
This is extremely common in the older protocols,

39
00:01:17,320 --> 00:01:20,040
especially the wired equivalent privacy or WEP

40
00:01:20,040 --> 00:01:21,620
when using a wireless network.

41
00:01:21,620 --> 00:01:23,730
So, you should be using the latest protocols

42
00:01:23,730 --> 00:01:26,913
like WPA2 to help prevent and minimize your risk.