Untitled Document

What is An Attack?

An attack is any Activity to steal information ,destroy , expose, modify,enable/ disable or gain unauthorized to or make unauthorized use of an asset

Types of an attack

  • 1. DoS
  • 2. DDoS
  • 3. IP Spoofing
  • 4. Sniffers
  • 5. Man-in-the-middle
  • 6. Peivilege misuse
  • 7. Password cracking

1. DOS

attacks stands for Denial-Of-Service Attack, a type of attack on a computer network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death andTeardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.

2. DDoS

DDoS stands for Distributed Denial of Service. In this types of attack where multiple computer shares common networ which are often infected with a Trojan, are used to target a single system causing a Denial of Service (DoS) attack

3. IP Spoofing

IP Spoofing means, pretending to be something you are not. In Internet terms it means pretending to be a different Internet address from the one you really have in order to gain something. That might be information like credit card numbers, passwords, personal information or the ability to carry out actions using someone else's identity. IP spoofing attack involves forging ones source address. It is the act of using one machine to impersonateanother. Spoofing is an active security attack in which one machine on the network masquerades as a different machine. As an active attack, it disrupts the normal flow of data and may involve injecting data into the communications link between other machines. This masquerade aims to fool other machines on the network into accepting the impostor as an original, either to lure the other machines into sending it data or to allow it to alter data. The meaning of "spoof" here is not "a light-hearted parody," but rather "a deception intended to trick one into accepting as genuine something that is actually false." Such deception can have grave consequences because notions of trust are central to many networking systems. In reality, the attacker is fooling (spoofing) the distant computer into believing that they are alegitimate member of the network. The goal of the attack is to establish a connection that willallow the attacker to gain root access to the host, allowing the creation of a backdoor entry path into the target system.

4. Sniffers

Sniffers is also known as network monitors data flowing via computer network links. It can be a self-contained software program or a hardware device with the appropriate software or firmware programming. Also sometimes called network probes or snoops, sniffers examine network traffic, making a copy of the data but without redirecting or altering it. Some sniffers work only with TCP/IP packets, but the more sophisticated tools can work with many other protocols and at lower levels including Ethernet frames.

5. Man-in-the-middle

Man In Middle As the name suggests, this attack vector involves the attacker placing himself–or his malicious tools–between the victim and a valuable resource, such as a banking Website or email account. These attacks can be highly effective and quite difficult to detect, especially for users who aren't aware of the dangers the attacks present

6. Peivilege misuse

Privilege Misuse attack is a type of network program that takes advantage of programming errors or design flaws to grant the attacker privilege access to the network and its associated data and applications. There are two types of privilege misuse attackst

1. Vertical privilege misuse

2. Horizontal privilege misuse

7. Password cracking

Password cracking is the process of recovering password from file or database. Hackers use some technique to break password and after that steel information from computer or network.

Untitled Document