Security Attacks

What is Social Engineering?

Social engineering is the method by which an attacker will gain information about a person or system by manipulating people within the organization. Using this method to gain access to a network does not always involve complex computer hacking techniques. A phone can be a hacker’s best friend. Many times an individual will call a company (usually a new employee) and pretend that they are calling from Information Systems. They may ask the user to verify their username and password for records. Once the hacker obtains this information they can access network resources.

What is Identity Interception/Theft?

Identity Interception is when an attacker gains all the information necessary about a user to masquerade themselves as that user. This information usually includes a username and password. Identity Interception is usually executed through Social Engineering.

What does it mean to Masquerade?

This is when an unauthorized user or system pretends to be a valid user or system. An attacker has somehow obtained login credentials to masquerade as a trusted user. They might also assume the IP address of a valid system and obtain the access rights granted to that trusted system.

What is a Replay Attack?

This is when an intruder uses a packet sniffing tool to record some type of network activity to replay later. An attacker may record network traffic associated with authentication between a user and a server. The attacker can then replay (resend) the data at a later time to gain access as that user.

What is Data Interception?

An attacker will use a packet sniffing tool to capture data moving across the network in plaintext. The attacker can then read the contents of those packets.

What is Manipulation?

The attacker modifies or corrupts the data passing on the network. This may be used to disable functionality of the network or it can be used to change information entries. This attack is very common on networks that contain unencrypted financial information.

What is Spoofing?

Spoofing is a technique used to gain unauthorized access to a network by changing packet information that will make the attacker’s machine appear as if it is a trusted system. One of the most common spoofing techniques is called IP Spoofing. This can be done if a hacker can determine the IP of a machine on the network, he can then modify his packet headers to appear as if it they are coming from the trusted IP address. This allows the attacker’s machine to assume the roll of a trusted machine on the network.

What is Repudiation?

As transactions take place in a digital environment it is very important that all parties involved in the conversation can verify each other’s identity. When the recipient of a message or transaction cannot verify the sender, they are a victim of repudiation. Non-repudiation means that the party’s identity has been established and validated.

What is Denial of Service (DOS)?

This is when an intruder floods a network device, usually a server, in attempt to consume all its resources or crash it. Lack of resources will keep a server from performing its designated function and crashes can open up additional security vulnerabilities to the attacker.

What is a Distributed Denial of Service (DDOS)?

This is the same concept as a DOS, but the attack is performed on a target from multiple locations at the same time. Most DDOS attacks require the attacker to compromise other systems in order to use them as a tool in his or her DDOS attack against the target. The compromised machines used in the attack are known as “Zombies”. Many security experts believe that DDOS attacks are the hardest to defend against.

What is Malicious Mobile Code (MMC)?

MMC can be defined as any program or script designed to perform a function on a computer that is unwanted or unknown by the end user.

What is Abuse of Privileges?

This is when users are given rights that could allow them to obtain private data or access private resources for reasons other than their intended uses. An example would be if an administrator of a computer used their privileges to access another user’s information on that computer for malicious purposes.

What is a Hoax?

This attack is most often executed through email. The attacker will send an email telling the users to install the attached file to prevent a computer virus. The user tries to take preventative measures by installing the patch and passing it on to their friends. What they did not know was that the email was a hoax and the patch they installed was in fact a virus itself.

What is a BackDoor?

This could be an access mechanism (BackDoor) created by an administrator so that he or she could work on the server from home. An attacker may discover and exploit the access mechanism to obtain access to servers or other network resources. This attack usually goes undetected since administrators exclude this access mechanism from their usual security logs and audits to prevent alerts when working on servers from home. BackDoors can also be the result of a Trojan Horse that was unknowingly installed on a computer.

What is Password Cracking?

This is an attacker’s attempt to reverse engineer a password. Most authentication systems contain hashed values of a user’s password. The attacker uses password cracking tools which attempt to guess the password by running guesses through the same hash and comparing its output to the user’s hashed password. Once the attacker achieves a match, they have cracked the password.

What is Brute Force?

This is an application that attempts to try every possible combination of a password. In many instances it could take a computer many years to try every possible combination. If the attacker can find out information about the authentication system they can dramatically decrease the number of possible combinations. For example, if an attacker new that the password was a four digit number he could use Brute Force applications to try every password in a matter of seconds.

What is a Dictionary Attack?

A Dictionary Attack is a form of Brute Force. An attacker obtains a username and then tries commonly used passwords, which can be pulled from a dictionary database. This has proven to be an easy way to gain access due to users not picking secure passwords. There are also Hacker’s Dictionaries available that include commonly used passwords not included in a standard dictionary.

What is a Man in the Middle Attack?

The man in the middle attack is one of the most well known attacks used against networks. The attacker executes this attack utilizing a packet sniffer and collecting packets from the network. The attacker then modifies the packets and sends them back out onto the network. This attack allows the attacker to masquerade as another user or machine on the network. The man in the middle attack can also be used to intercept encryption keys. If an attacker is able to obtain these keys they have be ability to do one of two things. Either they could copy the keys and send them onto the appropriate recipients, or the attacker could copy the keys and generate their own keys to send onto the receivers. In the first instance an attacker would be able to read all encrypted messages and be able to generate their own messages based on the compromised key. However, if the attacker sends their own keys to the intended recipients then the attacker would be able to decide what messages are actually sent between the communicating parties because each sender would think that they were communicating directly with the intended party. Instead they would be sending all of their information only to the attacker. The attacker would also be able to masquerade as either user to cause tremendous havoc to the entities involved. If a man in the middle attack is successful it can be devastating.

What is Mail Bombing?

Mail Bombing is a type of E-mail attack in which an attacker sends large quantities of e-mail or large e-mails to a target. This can be an effective Denial of Service attack because some mail systems are unable to manage large quantities of e-mail. Or simply, a user’s Inbox may only be permitted to have a certain volume of information. Therefore, if an Inbox is filled up, and not properly monitored, it can prevent systems or users from functioning normally.

What is a Buffer Overflow?

A Buffer Overflow occurs whenever an application gets more data than it can process. Buffer overflows can allow an attacker to execute malicious code, obtain information about a system, or crash the program. In some cases crashing the program could open up other security vulnerabilities that would not otherwise exist.

What is a Timing Attack?

A Timing Attack manipulates the cookies on a computer system. A cookie or spyware may be installed on a system and collect and send information when a user goes to a site that is password protected.

Source : Some where on the net .But i missed the Exact page .

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.