
Introduction to attacks

Any computer connected to a computing network is potentially vulnerable to an attack.

An "attack" is the exploitation of a flaw in a computing system (operating system, software program or user system) for purposes that are not known by the system operator and that are generally harmful.

Attacks are always taking place on the internet, at a rate of several attacks per minute on each connected machine. These attacks are mostly launched automatically from infected machines (by viruses, Trojan horses, worms, etc.) without their owner's knowledge. In rarer cases, they are launched by computer hackers.

In order to block these attacks, it is important to be familiar with the main types of attacks so as to set up preventive measures.

Attacks may be launched for various reasons:

  • to obtain access to the system;
  • to steal information, such as industrial secrets or intellectual property;
  • to gather personal information about a user;
  • to retrieve bank account information;
  • to get information about the organization (the user's company, etc.);
  • to disrupt the proper functioning of a service;
  • to use the user's system as a "bounce" for an attack;
  • to use the resources of the user's system, particularly when the network on which it is located has a high bandwidth.

Types of attacks

Computer systems rely on a variety of components, ranging from the electricity that powers the machines to the software programs that run on the operating system and use the network.

Attacks may occur at each link of this chain, as long as there is an exploitable vulnerability. The outline below briefly reviews the various levels that present a security risk:

Security risks

Risks may be categorized as follows:

  • Physical access: this is a case where the attacker has access to the premises, and maybe even to the machines:
    • Power outage
    • Manual shutdown of the computer
    • Vandalism
    • Opening of the computer's case and theft of the hard drive
    • Monitoring of network traffic
  • Communication interception:
    • Session hijacking
    • Identity spoofing
    • Re-routing or alteration of messages
  • Denials of service: these are attacks aiming to disrupt the proper functioning of a service. Denials of service are usually broken down as follows:
    • Exploitation of TCP/IP protocol weaknesses
    • Exploitation of server software vulnerabilities
  • Intrusions:
    • Port scanning
    • Elevation of privilege: this type of attack involves exploiting a vulnerability in an application by sending a specific request, not planned by its designer, generating abnormal behaviour that sometimes leads to system access with application rights. Buffer overflow attacks use this principle.
    • Malicious attacks (viruses, worms and Trojan horses)
  • Social engineering: in the majority of cases the weakest link is the user himself! It is often the user who, out of ignorance or through being deceived, opens a flaw in the system by giving information (a password, for example) to the hacker or by opening an attachment. In this case, no protective device can protect the user against spoofing - only common sense, reason and some basic information about the various practices used can help to avoid mistakes!
  • Trapdoors: these are backdoors hidden in a software program giving future access to its designer.

Programming errors contained in programs are, however, usually corrected fairly quickly by their designer as soon as the vulnerability is published. It is therefore up to administrators (or well-informed personal users) to keep informed about updates to the programs they use in order to limit the risk of attacks.

Moreover, there are a number of devices (firewalls, intrusion detection systems, antivirus programs) that provide an additional level of security.

Protection effort

A computer system's security is generally called "asymmetric" insofar as the hacker has to find only one vulnerability to compromise the system, while it is in the administrator's best interest to correct all of its flaws.

Bounce attacks

When launching an attack, the hacker is always conscious of the risk of getting caught, which is why hackers generally favor bounce attacks (as opposed to direct attacks). A bounce attack involves attacking a machine via another machine, so as to hide traces that could lead back to the hacker (such as his/her IP address) and with the goal of using the intermediate machine's resources.

This shows the value of protecting your network or personal computer - you may end up as the "accomplice" to an attack and if the victim files a complaint, the first person questioned will be the owner of the machine that was used as a bounce.

With the development of wireless networks, this type of scenario could become more and more common since wireless networks are not very secure and hackers located nearby can use them to launch attacks!

Last update on Thursday October 16, 2008 02:43:15 PM. This document entitled « Introduction to attacks » from Kioskea (en.kioskea.net) is made available under the Creative Commons license. You can copy and modify copies of this page, under the conditions stipulated by the licence, as long as this note appears clearly.
