Network Security information

In today’s IT world it is very important to understand the necessity of security of network security and data protection.
To protect yourself and the network from any data theft and for avoiding things like website defacement, data corruption, we need to understand the ways in which they can be exploited.
There are numerous types of network attack, following are a few of them-
1) Denial of Service attack ( DoS ) or Distributed Denial of Service attack ( DDoS )
2) Social Engineering attacks
3) IP spoofing attack
4) DNS hijacking
5) Password sniffing attack (using brute force or Dictionary attack)

1) Denial of Service attack (DoS) or Distributed Denial of Service attack (DDoS)- These kind of attacks are generally executed so as to make the server unusable thereby damaging the company image
There are different types of DoS attacks-
i. SYN flood attack
ii. Ping of Death attack
iii. Smurf attack, etc.
2) Social engineering attack-
This type of attack does not need any technical skillset. It can be done via just listening to telephone conversation, talking to the different people in company so as to gather more information, collecting information from web, chat conversation or any documents that provide company related information.
This kind of information gathering is useful to find out the kind of OS, technology etc. that is used in the company.
3) IP spoofing attack-
In this kind of attack, the initiator spoofs the source ip address and sends packets to the destination. Here the destination computer replies back to the spoofed ip address.
It can be used to send fake information to look like if it is coming from authentic of reliable source. It is used to gain unauthorized access to the resources. However it can also be used to do DOS attack against the victim.
4) DNS Hijacking-
This kind of attack can be done by providing rogue DNS server in the infrastructure. This DNS server is then used to redirect legitimate DNS request towards dummy or malicious website/ service thereby allowing the user to login or to use the service and collect the information about the legitimate user. The information could be anything from
Login user name, password, mail address, etc.
5) Password sniffing attack-
This kind of attack is used to find out username and password credentials for a user. One can do it by sniffing the network traffic or by getting access to the authentication files. In Windows the example could be SAM database. This can be done even for services like telnet. The basic ways to get the information can be using brute force attack or dictionary attack.

Replies

sarveshgupta

Nice information Rahul 😀
Manish Goyal

Nice information Rahul
if you have more information on ip spoofing then please share
David005

Hi

Do you have any idea about the OWASP top 10 risks
Reya

#-Link-Snipped-# You mean OWASP web application security risks?
David005

#-Link-Snipped-#... Yes, its the web application security OWASP top 10...Do you have any idea about this??? Pls let know...
Dancer_Engineer

#-Link-Snipped-#, take a look at these links:
#-Link-Snipped-#
#-Link-Snipped-#
David005

@Dance_Engineer, I have a theoretical knowledge of what is all OWASP, but Im not getting any idea of how to implement it in my code... Im dont have the practical knowledge about this... Pls let me know if anyone can help me in this.....

You are reading an archived discussion.

Network Security information

Replies

Related Posts

want to become a successful me engineer

Tata DOCOMO New Year Ideas: Wonderful

need help for summer training

Google bringing Nexus One

C++ Viva Questions