Network Attacks against Confidentiality
Attackers can use many methods to compromise confidentiality. Following are some of the common methods:
Packet Capturing (Packet Sniffing): Packet capturing (packet sniffing) is a type of network attack where the attacker captures data packets (typically Ethernet frames) in transit. Once the data is captured, the attacker can read sensitive data such as passwords or card numbers if the network traffic is not encrypted. The most widely used packet capture software is Wireshark.
Note: Wireshark is not a hacking tool; it is a well-known network protocol analyzer used to troubleshoot network problems. But hackers misuse Wireshark with bad intentions.
Password Attacks: Password-based attacks are used to crack the passwords of users of a target computer to gain access. Two types of password attacks are the dictionary-based attack (where an attacker tries each of the words in a dictionary or a list of commonly used passwords to guess the user password) and the brute force attack (where an attacker tries every possible password combination using brute force tools to guess the user password).
Port Scanning and Ping Sweeps: Port scanning is a type of network attack where the attacker tries to discover the services running on a target computer by scanning its TCP/UDP ports. The attacker tries to establish connections to the TCP/UDP ports to find out which ports are open on the target computer. After finding which TCP/UDP ports are open, the attacker can find out which service and which software product is running on the target computer. Finally, the attacker can attack the target computer by exploiting a vulnerability in that software product.
A ping sweep is another kind of network attack where the intruder sends ping ICMP ECHO packets to a range of IP addresses to find out which ones respond with an ICMP ECHO REPLY. Thus the attacker can identify which computers are up and which computers are down.
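Both behaviours leave a recognisable fan-out pattern in flow records: one source touching many ports on one host, or one source sending ICMP echo to many hosts. The following detector is an added example, not part of the original post; the record layout, the addresses, the 60-second window and the thresholds of 10 are assumptions chosen for illustration.

```python
from collections import defaultdict


def max_distinct_in_window(events, window):
    """events: (ts, item) pairs sorted by ts. Returns the largest number of
    distinct items seen inside any sliding span of `window` seconds."""
    counts, best, left = defaultdict(int), 0, 0
    for ts, item in events:
        counts[item] += 1
        while events[left][0] < ts - window:      # evict events that aged out
            old = events[left][1]
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
            left += 1
        best = max(best, len(counts))
    return best


def detect_recon(flows, window=60, port_threshold=10, host_threshold=10):
    """flows: (ts, src, dst, proto, dst_port). Thresholds are assumed defaults."""
    ports = defaultdict(list)    # (src, dst) -> [(ts, dst_port)]
    hosts = defaultdict(list)    # src -> [(ts, dst)]
    for ts, src, dst, proto, port in sorted(flows, key=lambda f: f[0]):
        if proto in ("tcp", "udp"):
            ports[(src, dst)].append((ts, port))
        elif proto == "icmp-echo":
            hosts[src].append((ts, dst))
    return {
        "port_scan": {k for k, ev in ports.items()
                      if max_distinct_in_window(ev, window) >= port_threshold},
        "ping_sweep": {s for s, ev in hosts.items()
                       if max_distinct_in_window(ev, window) >= host_threshold},
    }


def sample_flows():
    """Constructed records with made-up addresses, not real traffic."""
    flows = [(t * 30, "10.0.0.5", "192.0.2.10", "tcp", 443) for t in range(20)]
    flows += [(100 + i * 0.2, "10.0.0.66", "192.0.2.10", "tcp", 20 + i) for i in range(25)]
    flows += [(200 + i * 0.1, "10.0.0.77", f"192.0.2.{i + 1}", "icmp-echo", None) for i in range(30)]
    flows += [(t * 10, "10.0.0.8", "192.0.2.1", "icmp-echo", None) for t in range(50)]
    flows += [(i * 300, "10.0.0.9", "192.0.2.10", "tcp", 8000 + i) for i in range(12)]
    return flows


if __name__ == "__main__":
    print(detect_recon(sample_flows()))
```

The regular web client (10.0.0.5) and the host that pings one gateway repeatedly (10.0.0.8) are not flagged, because repeat traffic to the same port or host does not raise the distinct count. The source that touches 12 ports five minutes apart (10.0.0.9) is only flagged when the window is widened, which costs more state per source.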
Dumpster Diving: Dumpster diving is searching through company dumpsters for any information that can be useful to an attacker for attacking the network. Example: searching for employee names, software application product information, network infrastructure device makes and models, etc.
Wiretapping: Wiretapping is a type of network attack where the attacker hacks the telecommunication devices to listen to the phone calls of others.
Keylogger: A keylogger is a program that runs in the background of a computer, logging the user’s keystrokes. After a user enters a password, it is stored in the log created by the keylogger and forwarded to the attacker.
Phishing and Pharming: Phishing is an attempt to steal sensitive information (usually financial information such as bank user IDs/passwords, credit card details, etc.) by sending unsolicited emails with fake URLs. Pharming is another network attack, aimed at redirecting the traffic of one website to another website.
Social Engineering: Social engineering is a type of attack in which someone with very good interpersonal skills manipulates others into revealing information about the network that can be used to steal data.
Network Attacks against Integrity
Salami attacks: Salami attacks are a series of minor data security attacks that together result in a larger attack. For example, deducting a very small amount of money from a bank account is not noticeable, but when very small amounts are deducted from a large number of accounts, the total becomes a huge amount.
Data diddling attacks: Data diddling is illegal or unauthorized data alteration: changing data before or as it is input into a computer, or as it is output. Example: account executives can change employees' time sheet information before entering it into the HR payroll application.
Trust relationship attacks: Trust relationship attacks exploit the trust between different devices in a network.
Man-in-the-middle attacks: A man-in-the-middle attack is a type of network attack where the attacker sits between two devices that are communicating to manipulate the data as it moves between them.
Session hijacking attacks: Session hijacking is another type of network attack where the attacker hacks a computer session to gain unauthorized access to information or services in a computer system.
Network Attacks against Availability
DoS (Denial of Service attacks): A DoS attack is a type of attack that hits a network server with a large number of service requests that it cannot handle. A DoS (Denial of Service) attack can cause the server to crash, so that legitimate users are denied the service.
DDoS (Distributed Denial of Service attacks): A Distributed Denial of Service (DDoS) attack is a type of DoS attack originating from many attacking computers in different geographical regions.
SYN flood attacks and ICMP flood attacks: SYN flood attacks are a type of attack where the attacker sends many TCP SYN packets to initiate a TCP connection, but never sends a SYN-ACK packet back. In an ICMP flood attack, the victim computer is sent many false ICMP packets.
Electrical power attacks: Attacks that involve power loss, reduction, or spikes.
Server Room Environment attacks: Fire, temperature, water, humidity, etc.