Network Security Attack Types
Rajeev kumar
Director | Cyber Security Trainer | SME | Security Architect | Public Speaker | NGO | Founder
Glossary
Description
ARP spoofing
is the process of linking an attacker’s MAC address with the IP address of a legitimate user on a local area network using fake ARP messages. Tools – ArpSpoof, Cain & Abel
ARP poisoning
ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends Address Resolution Protocol messages onto a local area network
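A defender can spot the fake ARP messages described in the two entries above by watching for an IP address that changes MAC address, or a MAC address that claims several IPs. The following is an added example, not part of the original article; the sample records, function name and alert labels are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample: (timestamp, sender_ip, sender_mac) taken from ARP replies.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),
    (2.0, "192.168.1.20", "aa:aa:aa:aa:aa:20"),
    (3.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),
    (4.0, "192.168.1.1", "de:ad:be:ef:00:66"),   # gateway IP now claimed by another MAC
    (5.0, "192.168.1.20", "de:ad:be:ef:00:66"),  # the same MAC also claims a host IP
]

def detect_arp_conflicts(replies):
    """Return alerts for IP->MAC rebinding and for one MAC claiming several IPs."""
    ip_to_mac = {}                  # baseline: first MAC seen for each IP
    mac_to_ips = defaultdict(set)   # every IP each MAC has claimed
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        known = ip_to_mac.get(ip)
        if known is not None and known != mac:
            # The baseline is kept so that repeated forged replies keep alerting.
            alerts.append(("rebind", ts, ip, known, mac))
        else:
            ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            # Can be legitimate (e.g. proxy ARP), so treat as a lead to triage.
            alerts.append(("multi_ip", ts, mac, tuple(sorted(mac_to_ips[mac]))))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_conflicts(SAMPLE_ARP_REPLIES):
        print(alert)
```
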
DNS spoofing
also known as DNS cache poisoning, involves infiltrating a DNS server and altering a website’s address record. It is a form of security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect result record, e.g. an IP address. This results in traffic being diverted to the attacker's computer. This technique can also be used for phishing attacks, where a fake version of a genuine website is created to gather personal details such as bank and credit/debit card details. Variants:
1. Redirect the target domain's name server
Phishing
is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.[1][2] Typically carried out by email spoofing[3] or instant messaging,[4] it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site.
1. Phishing attempts directed at specific individuals or companies have been termed spear phishing.
2. Clone phishing is a type of phishing attack whereby a legitimate, and previously delivered, email containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned email.
3. The term whaling has been coined for spear phishing attacks directed specifically at senior executives and other high-profile targets.
IP Spoofing
When an IP spoofing attack occurs, the source IP address, which specifies the sender of the packet, is not the actual address but a bogus IP address that is permitted to access the website. Blind spoofing - the attacker transmits multiple packets to his intended target to receive a series of numbers so that he can analyze the sequence numbers; he can then inject into the stream. Non-blind spoofing - the cracker resides on the same subnet as his intended target, so he is aware of the sequence of the packets.
Prevention – HTTPS, IPv6, monitoring framework, Unicast Reverse Path Forwarding (this security feature works by enabling a router to verify the reachability of the source address in packets being forwarded), antispoofing with access lists
MAC Flooding
Method of attacking network switches that aims to take down the MAC table. However, the victim of the attack is a host computer in the network. The MAC addresses of legitimate users will be pushed out of the MAC table.
Prevention – Port Security, (Authentication with AAA/Implement IEEE 802.1X), Prevent ARP Spoofing or IP Spoofing
Brute-force attack
Dictionary attack
Hybrid attack
Rainbow table attacks
A rainbow table attack is a type of hacking wherein the perpetrator tries to use a rainbow hash table to crack the passwords stored in a database system. A rainbow table is a hash function used in cryptography for storing important data such as passwords in a database.
Role based attacks
Wiretapping(P)
Idle Scan(P)
is a TCP port scan method that consists of sending spoofed packets to a computer[1] to find out what services are available. This is accomplished by impersonating another computer called a "zombie" (that is not transmitting or receiving information) and observing the behavior of the "zombie" system.
VLAN Hopping
a method of attacking networked resources on a virtual LAN (VLAN). Switch spoofing - the attacking host imitates a trunking switch; double tagging - an attacker connected to an 802.1Q-enabled port prepends two VLAN tags to a frame that it transmits.
Prevention – Ensure that ports are not set to negotiate trunks automatically by disabling DTP. Double tagging can only be exploited on switch ports configured to use native VLANs.[2]:162 Trunk ports configured with a native VLAN don't apply a VLAN tag when sending these frames.
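Double-tagged frames can be recognised in a capture by counting the 802.1Q tags stacked after the MAC addresses. The following is an added example, not part of the original article; the sample frames are constructed, and the function names and verdict strings are hypothetical.

```python
import struct

TPID_8021Q = 0x8100   # 802.1Q VLAN tag
TPID_8021AD = 0x88A8  # 802.1ad service tag (QinQ)

# Constructed frames: dst MAC, src MAC, optional tags, IPv4 EtherType, 4 payload bytes.
_MACS = "ffffffffffff" "020000000001"
SAMPLE_FRAMES = {
    "untagged": bytes.fromhex(_MACS + "0800" + "45000000"),
    "single":   bytes.fromhex(_MACS + "8100000a" + "0800" + "45000000"),
    "double":   bytes.fromhex(_MACS + "81000001" + "81000014" + "0800" + "45000000"),
}

def vlan_tags(frame: bytes):
    """Return the VLAN IDs of all tags stacked after the two MAC addresses."""
    tags, offset = [], 12  # skip destination + source MAC (6 bytes each)
    while len(frame) >= offset + 4:
        tpid, tci = struct.unpack_from("!HH", frame, offset)
        if tpid not in (TPID_8021Q, TPID_8021AD):
            break  # reached the real EtherType
        tags.append(tci & 0x0FFF)  # low 12 bits of the TCI carry the VLAN ID
        offset += 4
    return tags

def check_access_port_frame(frame: bytes, native_vlan: int) -> str:
    """Classify a frame captured on an access port (assumed to expect untagged traffic)."""
    tags = vlan_tags(frame)
    if not tags:
        return "untagged"
    if len(tags) == 1:
        return "single-tag"
    # Outer tag equal to the trunk's native VLAN is the double-tagging pattern:
    # the first switch strips it and forwards the inner tag unchanged.
    if tags[0] == native_vlan:
        return "double-tag-native-outer"
    return "stacked-tags"

if __name__ == "__main__":
    for name, frame in SAMPLE_FRAMES.items():
        print(name, vlan_tags(frame), check_access_port_frame(frame, native_vlan=1))
```
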
Smurf Attack
is a distributed denial-of-service attack in which large numbers of Internet Control Message Protocol (ICMP) packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address. The victim is flooded with ICMP echo responses.
1. Prevention – Configure individual hosts and routers to not respond to ICMP requests or broadcasts; or
2. Configure routers to not forward packets directed to broadcast addresses
MAN IN THE MIDDLE (MITM) ATTACK
Attackers wishing to take a more active approach to interception may launch one of the following attacks:
IP spoofing, ARP spoofing, DNS spoofing
heuristic
How antivirus works – Signature-based method & heuristic method (behaviour of a program)
Replay Attack
is a form of network attack in which a valid data transmission is maliciously or .... Active wiretapping