ATTACKS
An attack
is an act of or action that takes advantage of a vulnerability to compromise a
controlled system.
It is
accomplished by a threat agent that
damages or steals an organization’s information or physical asset.
Vulnerability is an identified weakness in a
controlled system, where controls are not
present or are no longer effective.
Attacks
exist when a specific act or action comes into play and may cause a potential
loss.
ü
Malicious
code
The
malicious code attack includes the execution of viruses, worms, Trojan horses,
and active Web scripts with the intent to destroy or steal information.
The state
–of-the-art malicious code attack is the polymorphic or multivector, worm.
These
attack programs use up to six known attack vectors to exploit a variety of
vulnerabilities in commonly found information system devices.
ü
Attack
Replication Vectors
IP scan & attack
Web browsing
Virus
Unprotected shares
Mass mail
Simple Network Management Protocol(SNMP)
ü IP scan & attack
The
infected system scans a random or local range of IP addresses and targets any
of several vulnerabilities known to hackers.
ü Web browsing
If the
infected system has write access to any Web pages, it makes all Web content
files (.html,.asp,.cgi & others) infectious, so that users who browse to
those pages become infected.
ü Virus
Each
infected machine infects certain common executable or script files on all
computers to which it can write with virus code that can cause infection.
ü Unprotected shares
Using
vulnerabilities in file systems and the way many organizations configure them,
the infected machine copies the viral component to all locations it can reach.
ü Mass Mail
By
sending E-mail infections to addresses found in the address book, the infected
machine infects many users, whose mail -reading programs also automatically run
the program & infect other systems.
ü Simple Network Management Protocol (SNMP)
By using
the widely known and common passwords that were employed in early versions of
this protocol, the attacking program can gain control of the device. Most
vendors have closed these vulnerabilities with software upgrades.
Examples
Hoaxes
ü A more
devious approach to attacking the computer systems is the transmission of a
virus hoax with a real virus attached.
ü Even
though these users are trying to avoid infection, they end up sending the
attack on to their co-workers.
Backdoors
ü Using a
known or previously unknown and newly discovered access mechanism, an attacker
can gain access to a system or network resource through a back door.
ü Sometimes
these entries are left behind by system designers or maintenance staff, and
thus referred to as trap doors.
2.5.1 A trap door
is hard to detect, because very often the programmer who puts it in place also
makes the access exempt from the usual audit logging features of the system.
Password Crack
ü Attempting
to reverse calculate a password is often called cracking.
ü A password
can be hashed using the same algorithm and compared to the hashed results, If
they are same, the password has been cracked.
ü The (SAM)
Security Account Manager file contains the hashed representation of the user’s
password.
Brute Force
ü The
application of computing & network resources to try every possible
combination of options of a password is called a Brute force attack.
ü This is
often an attempt to repeatedly guess passwords to commonly used accounts, it is
sometimes called a password attack.
Spoofing
It is a
technique used to gain unauthorized access to computers, where in the intruder
sends messages to a computer that has an IP address that indicates that the
messages are coming from a trusted host.
Dictionary
ü This is another
form of the brute force attack noted above for guessing passwords.
ü The dictionary attack narrows the field by
selecting specific accounts to attack and uses a list of commonly used
passwords instead of random combinations.
Denial –of- Services(DOS) & Distributed Denial
–of- Service(DDOS)
ü The
attacker sends a large number of connection or information requests to a
target.
ü This may
result in the system crashing, or simply becoming unable to perform ordinary
functions.
ü DDOS is
an attack in which a coordinated stream of requests is launched dagainst a
target from many locations at the same.
Man-in-the –Middle
ü Otherwise
called as TCP hijacking attack.
ü An
attacker monitors packets from the network, modifies them, and inserts them
back into the network.
ü This type
of attack uses IP spoofing.
ü It allows
the attacker to change, delete, reroute, add, forge or divert data.
ü TCP
hijacking session, the spoofing involves the interception of an encryption key
exchange.
SPAM
· Spam is
unsolicited commercial E-mail.
· It has
been used to make malicious code attacks more effective.
· Spam is
considered as a trivial nuisance rather than an attack.
· It is the
waste of both computer and human resources it causes by the flow of unwanted
E-mail.
Mail Bombing
ü Another
form of E-mail attack that is also a DOS called a mail bomb.
ü Attacker
routes large quantities of e-mail to the target.
ü The
target of the attack receives unmanageably large volumes of unsolicited e-mail.
ü By
sending large e-mails, attackers can take advantage of poorly configured e-mail
systems on the Internet and trick them into sending many e-mails to an address
chosen by the attacker.
ü The
target e-mail address is buried under thousands or even millions of unwanted
e-mails.
Sniffers
ü A sniffer is a program or device that can
monitor data traveling over a network.
ü Unauthorized
sniffers can be extremely dangerous to a network’s security, because they are
virtually impossible to detect and can be inserted almost anywhere.
ü Sniffer
often works on
TCP/IP networks, where they are sometimes called
“packet
Sniffers”.
Social Engineering
2.5.3 It is the
process of using social skills to convince people to reveal access credentials
or other valuable information to the attacker.
2.5.4 An
attacker gets more information by calling others in the company and asserting
his/her authority by mentioning chief’s name.
Buffer Overflow
ü A buffer
overflow is an application error that occurs when more data is sent to a buffer
than it can handle.
ü Attacker
can make the target system execute instructions.
Timing Attack
ü Works by
exploring the contents of a web browser’s cache.
ü These
attacks allow a Web designer to create a malicious form of cookie, that is
stored on the client’s system.
ü The
cookie could allow the designer to collect information on how to access
password-protected sites.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.