Different types of attacks

In computer systems and networks, security is concerned with privacy, integrity, and protection from unauthorized access, modification, and deletion. It is an effort that needs proper planning, implementation, and maintenance to ensure that the user's data remains secure. The first step in creating a secure Internet platform is to identify the attacks to expect and then take the necessary steps to protect your computer or network against them.

Attack

An attack is the act of trying to bypass security controls on a computer system. It can be active or passive. An active attack is an attack in which the attacker manipulates data and adds unauthorized data. In a passive attack, the attacker only monitors and/or records data.

To secure a network from attacks, it is necessary to detect when and what type of attack is taking place. Some of the common attacks are listed below:

Password guessing attack

This attack occurs when an unauthorized user repeatedly tries to log on to a computer or network by guessing usernames and passwords. Many password-guessing programs that attempt to break passwords are available on the Internet. Following are the types of password guessing attacks:

  • Brute force attack: In this type of password guessing attack, attackers systematically try every conceivable combination to find out the password of a user.
  • Dictionary attack: This type of password guessing attack uses a dictionary of common words to find out the password of a user. It can also use common words in either upper or lower case to find a password. There are many programs available on the Internet to automate and execute dictionary attacks.

DoS attack

A Denial-of-Service (DoS) attack causes a negative impact on the performance of a computer or network. This attack is designed to bring loss of network connectivity and services by consuming the bandwidth of the user's network. It is also known as network saturation attack or bandwidth consumption attack. Attackers make Denial-of-Service attacks by sending a large number of protocol packets to a network. A DoS attack can cause the following:

  • Saturate network resources.
  • Disrupt connections between two computers, thereby preventing communication between services.
  • Disrupt services to a specific computer.

A Denial-of-Service attack is very common on the Internet because it is relatively easy to accomplish. Most DoS attacks rely on weaknesses in the TCP/IP protocol. Some of the common DoS attacks are as follows:

  • SYN attack: A SYN attack is a common denial-of-service (DoS) technique. Using this technique, an attacker sends multiple SYN packets to the target computer. For each SYN packet received, the target computer allocates resources and sends an acknowledgement (SYN-ACK) to the source IP address. Since the target computer does not receive a response from the attacking computer, it attempts to resend the SYN-ACK. This leaves TCP ports in a half-open state. When an attacker sends TCP SYNs repeatedly, the target computer eventually runs out of resources and is unable to handle any more connections, thereby denying services to legitimate users.

    A SYN attack affects computers running on the TCP/IP protocol. It is a protocol-level attack that can render a computer's network services unavailable. A SYN attack is also known as SYN flooding.


  • PING attack: A PING attack is a denial-of-service technique. In this technique, a computer repeatedly sends illegitimate, oversized ICMP echo requests to another computer. PING attacks are targeted at specific TCP stacks that cannot handle ICMP packets. These attacks overload the targeted servers with fake packets.

  • Flood attack: In this attack, an attacker sends more traffic to the victim than it can handle. It is the simplest denial-of-service attack but the most difficult to prevent completely.

  • Teardrop attack: In a Teardrop attack, corrupt packets are sent to the victim's computer by using IP's packet fragmentation algorithm. As a result of this attack, the victim's computer might hang.

  • Smurf attack: In this attack, an attacker sends a large number of ICMP echo requests to IP broadcast addresses using a fake source address. These requests appear to be coming from the victim's network address. Therefore, every computer within the broadcast domain starts sending responses to the victim. As a result, the victim's computer is flooded with responses.

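The resource exhaustion described under the SYN attack item can be seen in a small model of a listener's half-open queue. This is an added example, not part of the original article: the Listener class is a hypothetical toy rather than a real TCP stack, and its cookie mode is a simplified form of SYN cookies, a mitigation the article does not cover, not the algorithm any operating system uses.

```python
import hashlib
import hmac
import secrets

MASK = 0xFFFFFFFF

class Listener:
    """Toy model of a TCP listener's handshake bookkeeping (not a real TCP stack)."""

    def __init__(self, backlog, timeout=30, cookie_key=None):
        self.backlog, self.timeout, self.key = backlog, timeout, cookie_key
        self.half_open = {}   # (src, sport) -> (server ISN, expiry time)

    def _cookie(self, src, sport, client_isn, slot):
        msg = f"{src}|{sport}|{client_isn}|{slot}".encode()
        return int.from_bytes(hmac.new(self.key, msg, hashlib.sha256).digest()[:4], "big")

    def on_syn(self, src, sport, client_isn, now):
        """Return the server ISN for the SYN-ACK, or None if the SYN is dropped."""
        if self.key:          # cookie mode: nothing is stored per SYN
            return self._cookie(src, sport, client_isn, now // 64)
        self.half_open = {k: v for k, v in self.half_open.items() if v[1] > now}
        if len(self.half_open) >= self.backlog:
            return None       # queue full of half-open entries: everyone is refused
        isn = secrets.randbits(32)
        self.half_open[(src, sport)] = (isn, now + self.timeout)
        return isn

    def on_ack(self, src, sport, client_isn, ack, now):
        """Return True if this ACK completes a handshake the listener answered."""
        if self.key:          # recompute the cookie for the current and previous slot
            return any(ack == (self._cookie(src, sport, client_isn, s) + 1) & MASK
                       for s in (now // 64, now // 64 - 1))
        isn, expiry = self.half_open.pop((src, sport), (None, 0))
        return isn is not None and expiry > now and ack == (isn + 1) & MASK

def flood_then_connect(listener, unanswered=1000):
    """Model `unanswered` SYNs that are never ACKed, then one legitimate client.
    Returns (legitimate client connected?, half-open entries held)."""
    for i in range(unanswered):   # constructed peers in a documentation range
        listener.on_syn(f"203.0.113.{i % 250}", 1024 + i, i, now=0)
    isn = listener.on_syn("198.51.100.5", 40000, 777, now=1)
    ok = isn is not None and listener.on_ack(
        "198.51.100.5", 40000, 777, (isn + 1) & MASK, now=2)
    return ok, len(listener.half_open)

if __name__ == "__main__":
    print("stateful queue:", flood_then_connect(Listener(backlog=128)))
    print("SYN cookies:   ", flood_then_connect(Listener(128, cookie_key=secrets.token_bytes(32))))
```

With a stateful queue the legitimate client is refused until the half-open entries time out; in cookie mode the listener holds no per-SYN state, so the same client connects.
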
Vulnerability attack

A vulnerability attack takes advantage of the vulnerabilities in an operating system or software service by entering the operating system and disrupting its operation.

Impersonation attack

An impersonation attack attempts to access the computer by using a valid user password.

Replay attack

A replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures as the packets pass between two hosts on a network. The attackers then filter the data and extract the passwords, encryption keys, or digital signatures from the captured packets. In an attempt to obtain an authenticated connection, the attackers then resend this information to the system.
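
A receiver can reject resent traffic of the kind described above by requiring every message to carry a timestamp and a one-time nonce under a keyed MAC. The following is an added example, not part of the original article; the seal and Receiver names, the message layout and the 30-second freshness window are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

def _mac(key, msg):
    covered = json.dumps([msg["body"], msg["ts"], msg["nonce"]]).encode()
    return hmac.new(key, covered, hashlib.sha256).hexdigest()

def seal(key, body, now):
    """Sender side: attach a timestamp, a random nonce and an HMAC over all three."""
    msg = {"body": body, "ts": now, "nonce": secrets.token_hex(16)}
    msg["mac"] = _mac(key, msg)
    return msg

class Receiver:
    def __init__(self, key, max_age=30):
        self.key, self.max_age = key, max_age
        self.seen = {}   # nonce -> timestamp, kept only while the message is still fresh

    def accept(self, msg, now):
        """Return 'ok' or the reason the message is rejected."""
        if not hmac.compare_digest(_mac(self.key, msg), msg.get("mac", "")):
            return "bad-mac"       # altered in transit or sealed with another key
        if abs(now - msg["ts"]) > self.max_age:
            return "stale"         # an old capture resent after the window closed
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.max_age}
        if msg["nonce"] in self.seen:
            return "replayed"      # a fresh capture resent inside the window
        self.seen[msg["nonce"]] = msg["ts"]
        return "ok"

def demo():
    key = secrets.token_bytes(32)          # shared secret, constructed for the example
    rx = Receiver(key)
    msg = seal(key, "amount=10", now=1000)
    captured = dict(msg)                   # the copy an eavesdropper would record
    tampered = dict(msg, body="amount=999")
    return [rx.accept(msg, 1001), rx.accept(captured, 1005),
            rx.accept(captured, 1100), rx.accept(tampered, 1001)]

if __name__ == "__main__":
    print(demo())
```

The nonce cache only has to cover the freshness window, because anything older is already rejected as stale.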

Man-in-the-middle attack

Man-in-the-middle attacks occur when an attacker successfully inserts intermediary software between two communicating hosts. The intermediary software allows attackers to listen to and modify the communication packets passing between the two hosts. The software intercepts the communication packets and then sends the information to the receiving host. The receiving host responds to the software, presuming it to be the legitimate client.

Spoofing

Spoofing is a technique that makes a transmission appear to have come from an authentic source by forging the IP address. In IP spoofing, a hacker modifies packet headers by using someone else's IP address to hide his identity. However, spoofing cannot be used while surfing the Internet, chatting on-line, etc., because forging the source IP address causes the responses to be misdirected.

Back Door

A back door is a program or account that allows access to a system by skipping the security checks. Many vendors and developers implement back doors to save time and effort by skipping the security checks while troubleshooting. A back door is considered to be a security threat and should be protected with the highest level of security. If a back door becomes known to attackers and malicious users, they can use it to exploit the system.

Hacking

Hacking is a process by which a person acquires illegal access to a computer or network through a security break or by implanting a virus on the computer or network.


© 2008 uCertify.com. All rights reserved. All trademarks are the property of their respective owners.