comp.org.uk

Networking | Programming | Security | Linux | Computer Science | About

Types of Network Attacks

It is important to understand the different types of network attacks used by hackers. To mitigate these attacks, it is useful to first categorize the various types of attacks. The most common categories of network attacks are reconnaissance attacks, access attacks, and denial of service (DoS)/distributed denial of service (DDoS) attacks.

Reconnaissance Attacks

A reconnaissance attack is an attempt to learn more about the intended victim before attempting a more intrusive attack. Hackers use reconnaissance (or recon) attacks to do unauthorized discovery and mapping of systems, services, or vulnerabilities. Tools such as information queries via the WHOIS service, ping sweeps, port scans, vulnerability scanners, and exploitation tools are common techniques used by hackers when performing reconnaissance attacks.

Access Attacks

After gathering the necessary information during the reconnaissance phase of the attack, the hacker will usually attempt to access the network. Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information. The hacker's main objectives may be to retrieve protected information, gain access to secure areas of the network, or escalate its access privileges.

There are six common types of access attacks:

DoS and DDoS Attacks

DoS attacks attempt to consume all of the resources of a critical computer or network in order to make it unavailable for valid use. A DoS attack typically results in some sort of interruption of service to users, devices, or applications. Malicious hosts can also coordinate to flood a victim with an abundance of attack packets, so that the attack takes place simultaneously from potentially thousands of sources.

This type of attack is called a DDoS attack. DDoS attacks typically emanate from networks of compromised systems, known as botnets. DDoS attacks can also use reflection and amplification to augment their impact on the victim. A reflection attack is a type of DoS attack in which the attacker sends a flood of protocol request packets to various IP hosts. These reflectors respond by sending response packets to a specific target, thus flooding it. In an amplification attack, a small forged packet elicits a large reply from the reflectors.

Examples of DoS attacks are


Published on Wed 28 March 2012 by Hilary Fenton in Security with tag(s): threats