Attacks

An attack is a specific technique used to exploit a vulnerability. For example, a threat could be a denial of service, the vulnerability could lie in the design of the operating system, and the attack could be a "ping of death." There are two general categories of attacks: passive and active. Passive attacks are very difficult to detect, because there is no overt activity that can be monitored or detected. Examples of passive attacks are packet sniffing and traffic analysis. These types of attacks are designed to monitor and record traffic on the network. They are usually employed to gather information that can be used later in active attacks.

Active attacks, as the name implies, employ more overt actions on the network or system. As a result, they can be easier to detect, but at the same time they can be much more devastating to a network. Examples of this type of attack would be a denial-of-service attack or active probing of systems and networks.

Networks and systems face many types of threats. There are viruses, worms, Trojan horses, trap doors, spoofs, masquerades, replays, password cracking, social engineering, scanning, sniffing, war dialing, denial-of-service attacks, and other protocol-based attacks. It seems new types of threats are being developed every month. The following sections review the general types of threats that network administrators face every day, including specific descriptions of a few of the more widely known attacks.
