Common Network Attacks
Network attacks have always been around but they are getting more advanced every day. These attacks are also easy to set up and use. In the past these types of attacks would have to be pulled off by someone who really knew about computers and to know what they are doing. That's a true hacker, now there are programs that do the same damage and sometimes more with a couple clicks of a mouse, so now anybody can bring down a network. The only thing that changes is the motivation of the person. Some People that run scripts or programs don't always know what the program does, so they click on some buttons and the program does its thing, if it fails sometimes the person stops there and gives up. But there are people who want to do some real damage to a company these people usually have organizations like the Anonymous group. So what are some of the common attacks people or organizations do? Well in a company the network administrators might focus on the outside of the network, but have their inside network unsecure or extremely weak. So if somebody on the inside was able to execute and attack it could have a huge effect on the network. So attacks that could occur:
Reconnaissance Attacks: Gather information about the network, this could be anything from ping sweeps, to port scanners, IP scanners, etc. The goal of this type of attack to gather information on the network and exploit its weak areas.
Access Attacks: Try to steal or attempt to steal data. Financial information, classified information, critical information and even international espionage.
Denial of service (DoS) attacks. Which has three types of DoS types
- Destroyers: which harm computers, by erasing data and software
- Crashers: cause harm by causing computers to fail or causing the machine to be unable to commutate with the network or connect to the network.
- Flooders: Flood the network with packets to make the network unusable and preventing any useful communication making the service appear unavailable.
Computer viruses are one of the many tools that could be used to carry out these types of attacks. Along with access to unsecured wireless networks. This makes the network weak if the computer or host is able to access ever device on that network. Infected laptops if the user brings the computer home from the office, that computer could get infected and exposing classified information and even have the potential to infect other computers. Employees could with or without knowing that what they download or save on USBs could cause harm to the company. A good security policy is recommended along with some helpful network access tools and components. These security tools can always stop attacks but they can slow somebody down and maybe be alerted to higher authority. Viruses are a common thing to get on a computer that is not protected with antivirus software or that virus could be a zero-day attack so the software does not have the virus in its signature database. But there are more than just viruses out there like:
- Scanners: Are a tool that sends connection requests to a different TCP or UDP port, different applications. This attempt tries to discover which hosts or computers have IP services and possibly the operating system.
- Spyware: A virus that looks for private or sensitive information, like tracking websites the user visits. What the user does with the computer, and passing that information back to the attacker.
- Worm: A self-propagating program that can quickly spread and copy itself around the network or even the internet. This type of program also can do DoS attacks on servers and computers.
- Keystroke Loggers: A virus that logs all keystrokes, capturing your username and passwords to secure sites. Giving the attacker access to your personal information.
- Phishing: The attacker sets up a fake website that looks exactly like a legitimate website often from banks and or credit card companies. Sometimes the user will get an e-mail and a link to the website, the user clicks on the link and is directed to the fake website. The user then puts in login information or personal information. Giving the attack access to the user's bank or personal information
Although this is brief it gives you an overview of the different types of security attacks network and host based. This can go into a lot more information and if you want to find more information about an attack and the ways to stop or slow down the attack a simple web search will be able to point you in the right direction. If you have any questions or comments feel to comment below.