There are several types of attacks on networks. Some aim to gain information or access to restricted locations, whereas others focus on bringing down computers. These attacks are categorized into three main types:
A reconnaissance attack is a form of information gathering from a network or computer system. Hackers might start mapping out a network using tools such as ping sweepers to locate active computers. Additional information, such as operating systems in use and available open ports, can be acquired through port scanners and Simple Network Management Protocol (SNMP). Reconnaissance attacks usually occur prior to a denial-of-service (DoS) or access attack.
The access attacks involve collecting or obtaining access to data or networks that usually are not available to the individual. These attacks can come in several forms, including unauthorized data retrieval, unauthorized system access, and unauthorized privilege escalation. This form of attack can be accomplished in several ways; however, two common hacking tools used to gain access are password hacking programs and Trojan horses. The types of access attacks are described in the following list:
Hackers use denial-of-service (DoS) attacks when trying to disable, slow down, or corrupt a network, thus denying service to the network's intended users. Even though the hacker might not actually have a valid user account on the network computers, if network access is achieved, the hacker can launch an attack. This attack typically floods the targeted computer or network with traffic with the intention to disable it.
Distributed DoS (DDoS) attacks combine the power of multiple attacking computers, which focus their attacks on a single receiving computer or network. Because DDoS attacks can come from so many computers in different geographical areas, administrators have extreme difficulty repelling such attacks. For example, if a single computer pings a Web server, little stress is placed on the server. However, if 10,000 computers are pinging a Web server all at the same time, the server can be so busy responding to the ping requests that users accessing a Web page time out and never receive the page. These types of attacks are some of the most feared by network administrators because blocking all the attacking computers without blocking legitimate users is very difficult.