Three Types of Attacks


There are several types of attacks on networks. Some aim to gain information or access to restricted locations, whereas others focus on bringing down computers. These attacks are categorized into three main types:

  • Reconnaissance attacks

  • Access attacks

  • Denial-of-service attacks

Reconnaissance Attacks

A reconnaissance attack is a form of information gathering from a network or computer system. Hackers might start mapping out a network using tools such as ping sweepers to locate active computers. Additional information, such as operating systems in use and available open ports, can be acquired through port scanners and Simple Network Management Protocol (SNMP). Reconnaissance attacks usually occur prior to a denial-of-service (DoS) or access attack.

Access Attacks

Access attacks involve collecting or obtaining access to data or networks that are usually not available to the individual. These attacks can come in several forms, including unauthorized data retrieval, unauthorized system access, and unauthorized privilege escalation. This form of attack can be accomplished in several ways; however, two common hacking tools used to gain access are password hacking programs and Trojan horses. The types of access attacks are described in the following list:

  • Unauthorized data retrieval: The process of reading, writing, and possibly deleting normally inaccessible information

  • Unauthorized system access: The process of gaining access to a system by exploiting a weakness in the operating system

  • Unauthorized privilege escalation: The process in which a low-level user tries to gain a higher level of access such as administrator-level privileges


A Trojan horse is an impostor that hides inside an email message or another program. When the email is opened or the program launched, the Trojan horse is released and can cause any number of problems. This type of attacking mechanism (which Cisco might reference as a virus on the exam) can delete files, steal passwords, give access to remote systems, or even download more Trojan horses and viruses.


Denial-of-Service Attacks

Hackers use denial-of-service (DoS) attacks when trying to disable, slow down, or corrupt a network, thus denying service to the network's intended users. Even though the hacker might not actually have a valid user account on the network computers, if network access is achieved, the hacker can launch an attack. This attack typically floods the targeted computer or network with traffic with the intention to disable it.

Distributed DoS (DDoS) attacks combine the power of multiple attacking computers, which focus their attacks on a single receiving computer or network. Because DDoS attacks can come from so many computers in different geographical areas, administrators have extreme difficulty repelling such attacks. For example, if a single computer pings a Web server, little stress is placed on the server. However, if 10,000 computers are pinging a Web server all at the same time, the server can be so busy responding to the ping requests that users accessing a Web page time out and never receive the page. These types of attacks are some of the most feared by network administrators because blocking all the attacking computers without blocking legitimate users is very difficult.


Denial-of-service and distributed DoS attacks send large amounts of useless traffic into a network to disable or cripple a server or network.
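
The traffic patterns described in the reconnaissance and denial-of-service sections (one source pinging many hosts, one source probing many ports, many sources pinging one server) can be told apart from flow records. The following is an added example, not code from the book; the record layout, thresholds, and addresses are constructed assumptions, and all records are assumed to fall within one observation window.

```python
from collections import defaultdict

def classify(flows, sweep_hosts=10, scan_ports=15, flood_sources=50):
    """Return the sources or targets whose traffic matches each pattern.

    Thresholds are illustrative assumptions, not recommended values.
    """
    icmp_targets = defaultdict(set)   # source -> hosts it pinged
    ports_probed = defaultdict(set)   # (source, dest) -> ports touched
    icmp_sources = defaultdict(set)   # dest -> sources pinging it
    for src, dst, proto, port in flows:
        if proto == "icmp":
            icmp_targets[src].add(dst)
            icmp_sources[dst].add(src)
        else:
            ports_probed[(src, dst)].add((proto, port))
    return {
        # Reconnaissance: one source locating active computers.
        "ping_sweep": {s for s, hosts in icmp_targets.items()
                       if len(hosts) >= sweep_hosts},
        # Reconnaissance: one source enumerating open ports on one host.
        "port_scan": {pair for pair, ports in ports_probed.items()
                      if len(ports) >= scan_ports},
        # DDoS: many sources pinging a single receiving computer.
        "icmp_flood": {d for d, srcs in icmp_sources.items()
                       if len(srcs) >= flood_sources},
    }

def sample_flows():
    """Constructed records: (source, destination, protocol, dest port)."""
    flows = []
    # One host pinging 20 different addresses.
    flows += [("198.51.100.7", f"192.0.2.{i}", "icmp", None)
              for i in range(1, 21)]
    # One host touching 30 TCP ports on a single server.
    flows += [("198.51.100.9", "192.0.2.10", "tcp", p)
              for p in range(20, 50)]
    # 200 different hosts pinging the same Web server.
    flows += [(f"203.0.113.{i}", "192.0.2.80", "icmp", None)
              for i in range(1, 201)]
    # Ordinary traffic: one client browsing and pinging a single host.
    flows += [("192.0.2.33", "192.0.2.80", "tcp", 80),
              ("192.0.2.33", "192.0.2.1", "icmp", None)]
    return flows

if __name__ == "__main__":
    for label, hits in classify(sample_flows()).items():
        print(label, sorted(hits))
```

The ordinary client is not flagged, but the flood case shows the difficulty the text describes: the detector names the target, while the 200 sources each look like a single harmless ping.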




CSPFA Exam Cram 2 (Exam 642-521)
CCSP CSPFA Exam Cram 2 (Exam Cram 642-521)
ISBN: 0789730235
Year: 2003
Pages: 218
