Network Security information

Rahul Jamgade

Rahul Jamgade

@rahul-yHGH3D Oct 14, 2024

In today’s IT world it is very important to understand the necessity of security of network security and data protection.
To protect yourself and the network from any data theft and for avoiding things like website defacement, data corruption, we need to understand the ways in which they can be exploited.
There are numerous types of network attack, following are a few of them-
1) Denial of Service attack ( DoS ) or Distributed Denial of Service attack ( DDoS )
2) Social Engineering attacks
3) IP spoofing attack
4) DNS hijacking
5) Password sniffing attack (using brute force or Dictionary attack)

1) Denial of Service attack (DoS) or Distributed Denial of Service attack (DDoS)- These kind of attacks are generally executed so as to make the server unusable thereby damaging the company image
There are different types of DoS attacks-
i. SYN flood attack
ii. Ping of Death attack
iii. Smurf attack, etc.
2) Social engineering attack-
This type of attack does not need any technical skillset. It can be done via just listening to telephone conversation, talking to the different people in company so as to gather more information, collecting information from web, chat conversation or any documents that provide company related information.
This kind of information gathering is useful to find out the kind of OS, technology etc. that is used in the company.
3) IP spoofing attack-
In this kind of attack, the initiator spoofs the source ip address and sends packets to the destination. Here the destination computer replies back to the spoofed ip address.
It can be used to send fake information to look like if it is coming from authentic of reliable source. It is used to gain unauthorized access to the resources. However it can also be used to do DOS attack against the victim.
4) DNS Hijacking-
This kind of attack can be done by providing rogue DNS server in the infrastructure. This DNS server is then used to redirect legitimate DNS request towards dummy or malicious website/ service thereby allowing the user to login or to use the service and collect the information about the legitimate user. The information could be anything from
Login user name, password, mail address, etc.
5) Password sniffing attack-
This kind of attack is used to find out username and password credentials for a user. One can do it by sniffing the network traffic or by getting access to the authentication files. In Windows the example could be SAM database. This can be done even for services like telnet. The basic ways to get the information can be using brute force attack or dictionary attack.
Like 0 Replies 7

Replies

Welcome, guest

Join CrazyEngineers to reply, ask questions, and participate in conversations.

Sign up Log in

CrazyEngineers powered by Jatra Community Platform

  • sarveshgupta

    sarveshgupta

    @sarveshgupta-txtmu5 Dec 30, 2009

    Nice information Rahul 😀
    0
  • Manish Goyal

    Manish Goyal

    @manish-r2Hoep Dec 31, 2009

    Nice information Rahul
    if you have more information on ip spoofing then please share
    0
  • David005

    David005

    @david005-JohpZ1 Jul 4, 2012

    Hi

    Do you have any idea about the OWASP top 10 risks
    0
  • Reya

    Reya

    @reya-SMihdC Jul 4, 2012

    #-Link-Snipped-# You mean OWASP web application security risks?
    0
  • David005

    David005

    @david005-JohpZ1 Jul 4, 2012

    #-Link-Snipped-#... Yes, its the web application security OWASP top 10...Do you have any idea about this??? Pls let know...
    0
  • Dancer_Engineer

    Dancer_Engineer

    @dancer-engineer-EJ8rGI Jul 4, 2012

    #-Link-Snipped-#, take a look at these links:
    #-Link-Snipped-#
    #-Link-Snipped-#
    0
  • David005

    David005

    @david005-JohpZ1 Jul 5, 2012

    @Dance_Engineer, I have a theoretical knowledge of what is all OWASP, but Im not getting any idea of how to implement it in my code... Im dont have the practical knowledge about this... Pls let me know if anyone can help me in this.....
    0