Various types of security attacks.

 Various types of security attacks 

Network attacks 

DNS cache poisoning attack 

  • It works by tricking a DNS server into accepting a fake DNS record that will point to a compromised DNS server. It then feeds you fake DNS addresses when you try to access legitimate websites. 
    Poisoned DNS cache

    Man in the middle attack 

    • An attack that places the attacker in the middle of 2 hosts that think they're communicating directly with each other. 
    • Session hijacking 
      • Session is taken over by an attacker. A session starts when you log into a service. The attack relies on the attacker's knowledge of your session cookie, so it is also called cookie hijacking. Session hijacking is done by stealing user's session key. This can be obtained by stealing the session cookie or persuading the user to click a malicious link containing a prepared session ID. The attacker can then perform any actions that the original user is authorized to do during the active session. 
      • More about session hijacking
      • Rogue access point 
        • A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator, whether added by a well meaning employee or by a malicious attacker. 
        • Evil twin 
          • Is a hack attack in which a hacker sets up a fake Wi-Fi network that looks like a legitimate access point to steal victim's sensitive details. 
          • The fake Wi-Fi access point is used to eavesdrop on users and steal their login credentials or other sensitive information. 

          DOS(Denial Of Service) 

          DOS attack is an attack that tries to prevent access to a service for legitimate users by overwhelming the network or server. 
          • POD(ping of death)
            • Works by sending a malformed ping to a computer. The ping would be larger in size than what the internet protocol was made to handle. So it results in a buffer overflow. This can cause the system to crash and potentially allow the execution of malicious code. 
          • Ping flood 
            • Sends tons of ping packets to a system. More specifically, it sends ICMP echo requests, since a ping expects an equal number of ICMP echo replies. If a computer can't keep up with this, then it't prone to being overwhelmed and taken down. 
          • SYN flood 
            • The server is being bombarded with SYN packets. The server is sending back SYN-ACK packets but the attacker is not sending ACK messages, thereby making server's connection half-open.
          • DDOS
            • Distributed DOS attack is DOS attack using multiple systems. They are usually helped by botnet attackers. 

          Other attack

          Client side attacks 

          • Injection attacks
            • An injection attack is a malicious code injected in the network which fetched all the information from the database to the attacker. 
            • The primary reason for injection vulnerabilities is usually insufficient user input validation.
          • Types of injection attacks 
            • SQL injection : Refers to an attack where the attacker executes a malicious payload(malicious SQL statements) that control a web application database server. An attacker bypass a web application's authentication and authorization mechanisms and retrieve the contents of an entire database. To avoid this, developers need to either stop writing dynamic queries or prevent user-supplied input which contains malicious SQL from affecting the logic of the executed query. 
            • XSS : In XSS(Cross Site Scripting) attack, malicious scripts are injected into a web page, and are executed when that page is visited by a user. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. 
          • Password attacks 
            • Brute force attack : This involves guessing username and passwords to gain unauthorized access to a system. This can be prevented by distinguishing machine from real human by using software like reCAPTCHA. 
            • Dictionary attack : It tries out all the words that are commonly used in passwords. 


          REFERENCE 

          Comments

          Post a Comment

          Popular posts from this blog

          Terms in Security

          Image
          Security Terms  CIA triad  CIA triad is the core aspect when designing security policy. Confidentiality  Measurement to prevent sensitive information from unauthorized access attempts.  Integrity Maintaining the consistency, accuracy and trustworthiness of data over its entire life cycle.  Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people.  Availability  Information should be consistently and readily accessible for authorized parties. Basic terms used in security  Risk  The possibility of suffering a loss in the event of an attack on the system  Vulnerability Flaw in a system that could be exploited to compromise the system  0-day vulnerability is a vulnerability that is not known to the software d
          Read more

          Cryptography

          Image
           Cryptography  Basic Terminology  Encryption: cipher plain text and make it into unreadable message. cf) cipher is done by using encryption algorithm and key (which is unique for every cipher)  Decryption: reverse of encryption. Symmetric cryptography  Same key is used for encryption and decryption. Encryption algorithms for Symmetric cryptography : DES, RC4, AES  Asymmetric cryptography  Different keys are used for encryption and decryption.  Utilizes computational difficulty of large numbers.  But how do we know who sent the message ?? Anyone can peek at public key and anyone can argue that the message was from him. This is where digital signature comes into play.  Algorithms used in asymmetric cryptography  RSA(Rivest-Shamir-Adleman)  One of first practical asymmetric cryptography system. RSA system specifies mechanis
          Read more