Network security these days is a fast-paced and ever-increasing demand. Various attacks emerge almost everywhere regardless of whether it would directly affect you or not. Still, more and more people spend time and money to counter serious threats to their security.
There are various network security attacks, many of which can damage and destroy the network itself along with all the valuable data stored in it. Moreover, it can breach the confidentiality of the files that the network is keeping safe and secured. Some of the most common forms of attacks are as follows:
IP Spoofing
In this kind of attack, a host claims to have the IP address of another. Since many systems (such as router access control lists) identify which packets may and may not pass based on the sender's IP address, this could be a useful technique to an attacker: he can send packets to a host, perhaps causing it to take some sort of action. Moreover, some applications allow login based on the IP address of the person making the request.Guessing of usernames and passwords (unauthorized access)
This is especially effective when the root or administrator password is weak, or when a system is set with default passwords that people don’t even bother to change. Furthermore, there are a lot of programs that have been specifically designed to crack passwords using the ’brute force’ method. A bad password on a Microsoft Windows system can be cracked in less than a second. Worse still, some systems send passwords over the network as clear text. There are plenty of tools available to collect those too. An example would be using a key logger to record the keystrokes of an authorized user.
The main network security attack that can be perpetrated via email is by using email as a means of sending worms which can be carried into the very heart of the network. This goes to show why email is so popular as a means for network security attacks.
Worms & Trojans
An unauthorized user more or less aims to install a malicious software or program on the system. The worm will then hide its presence from the administrator of the system for as long as possible, and will only do the tasks the attacker has "instructed" it to do. Some worms can even be connected to after installation and be given new instructions.
Wireless Specific Network Security Attacks
A wireless network is different from fixed networks in many ways. From a security perspective the biggest difference is that a fixed network has a well defined boundary while a wireless network doesn’t provide such an easily defined boundary. Thus, anyone can easily gain access to the network unless a password is given or it is hidden.
Phishing
This is a form of Internet fraud that aims to steal valuable information such as credit cards, social security numbers, user IDs and passwords through impersonation. A fake website is then created that is similar to that of a legitimate organisation, typically a financial institution such as a bank or insurance company. An email is then sent requesting that the recipient access the fake website, which will usually be a replica of a trusted site, and enter their personal details, including security access codes. The page looks genuine, because it is easy to fake a valid web site. Any HTML page on the web can be modified to suit a phishing scheme.
Phishing
This is a form of Internet fraud that aims to steal valuable information such as credit cards, social security numbers, user IDs and passwords through impersonation. A fake website is then created that is similar to that of a legitimate organisation, typically a financial institution such as a bank or insurance company. An email is then sent requesting that the recipient access the fake website, which will usually be a replica of a trusted site, and enter their personal details, including security access codes. The page looks genuine, because it is easy to fake a valid web site. Any HTML page on the web can be modified to suit a phishing scheme.
No comments:
Post a Comment