Monday, April 24, 2017

network-based attacks

Most types of attacks are considered network-based attacks where the hacker performs the attack from a remote system. There are a number of different types of network attacks:

Eavesdropping attack This widely used type of attack typically involves the use of network monitoring tools to analyze and read communications on the network.

Spoof attack In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.

Hijack attack In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker unintentionally.

Denial of service A denial of service (DOS) is a type of attack that causes the system or its services to crash. As a result, the system cannot perform its purpose and provide those services.

Distributed denial of service (DDOS) The hacker uses multiple systems to attack a single target system. A good example is the SMURF attack, in which the hacker pings a number of computers but modifies the source address of those packets so that they appear to come from another system (the victim in this case). When all of these systems receive the ping request, all systems will reply to the same address, essentially overburdening that system with data.
Buffer overflow A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a command prompt or shell.

Exploit attack In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.