7 Techniques Hackers Use to Penetrate a Website's Security


1. IP Spoofing
IP spoofing, also known as source address spoofing, is the forgery of the attacker's IP address so that the target believes the attacker's address belongs to a host inside the network rather than one outside it. Suppose the attacker has a class A IP address such as 66.25.xx.xx. When the attacker carries out this type of attack, the attacked network will assume the attacker's IP is part of its own network, for example 192.xx.xx.xx, a class C address.
IP spoofing occurs when an attacker "outsmarts" packet routing to redirect data or transmissions to a different destination. Packet routing information is usually transmitted transparently and in the clear, which makes it easier for an attacker to modify the origin or destination of the data. This technique is used not only by attackers but also by security professionals to trace the identity of an attacker.

2. FTP Attack
One of the attacks carried out against the File Transfer Protocol is a buffer overflow caused by a malformed command. The goal of attacking an FTP server is usually to obtain a command shell or to perform a Denial of Service. A Denial of Service attack may eventually let a user or attacker retrieve resources within the network without authorization, while a command shell gives an attacker access to the server system and its data files, so that the attacker can eventually obtain anonymous access with full root rights over the attacked system and even the network.

3. Finger Unix Exploits
In the early days of the Internet, the Unix finger utility was an efficient way to share information among users. Because requests for finger information do not violate any rules, many system administrators leave this utility (finger) running with very minimal security, or even with no security at all. For an attacker this utility is very valuable for footprinting, since it yields information including login names and contact information.
This utility also provides detailed information about user activity within the system, how long a user has been on the system, and how much care users take of the system. The information produced by finger can reduce a cracker's effort in penetrating a system. The personal information about users exposed by the finger daemon is already enough for an attacker to perform social engineering, using social skills to get a user to "tell" passwords and access codes to the system.

4. Flooding & Broadcasting
An attacker can significantly reduce the speed of a network and the hosts in it by continually requesting information from servers that can handle classic Denial of Service (DoS) attacks. Sending an excessive number of requests to a port is called flooding, and is sometimes also called spraying. The purpose of both attacks is the same: to make the network resources that provide information weaken and eventually give up.
Flooding attacks depend on two factors: size and/or volume. An attacker can cause a Denial of Service by throwing large files, or a large volume of small packets, at a system. In such circumstances a network server faces congestion: too much information is requested and there is not enough power to push the data through. Basically, a large packet requires more processing capacity, but an abnormal number of equally small packets in large volume will also use up resources in vain and result in congestion.

5. Fragmented Packet Attacks
Internet data transmitted via TCP/IP can be divided into packets, of which only the first contains the main header (head) information of the TCP. Some firewalls will allow processing of the packets that do not contain the source address information carried in the first packet, and this can cause some types of systems to crash. For example, an NT server will crash if the fragmented packets contain enough information to rewrite the first packet of a protocol.
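
A filter can check for this pattern before reassembly. The Python below is an added example, not code from the original article: it inspects the fragments of each datagram for a first fragment too small to hold a TCP header, a later fragment whose offset falls inside the header, and fragments that overlap data already received. The record layout, the 20-byte threshold, the finding names and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumption: a filter needs the first 20 bytes (minimum TCP header) in fragment 0.
MIN_TCP_HEADER = 20

# Constructed sample records: (ip_id, offset_bytes, payload_len, more_fragments)
SAMPLE = [
    (100, 0, 1480, True),     # ordinary datagram, first fragment
    (100, 1480, 520, False),  # ordinary datagram, last fragment
    (200, 0, 8, True),        # first fragment too small to hold a TCP header
    (200, 8, 32, False),      # rest of the header arrives in a later fragment
    (300, 0, 40, True),       # first fragment looks acceptable on its own ...
    (300, 8, 32, False),      # ... but this one overlaps bytes 8-39 of it
]

def check_datagram(frags):
    """Return sorted findings for the (offset, length, more) fragments of one datagram."""
    findings = set()
    covered_to = 0
    # set() ignores exact retransmissions; sorting orders fragments by offset.
    for offset, length, more in sorted(set(frags)):
        if offset == 0 and more and length < MIN_TCP_HEADER:
            findings.add("tiny-first-fragment")
        if 0 < offset < MIN_TCP_HEADER:
            findings.add("offset-inside-header")
        if offset < covered_to:
            findings.add("overlap")
        covered_to = max(covered_to, offset + length)
    return sorted(findings)

def audit(records):
    """Group records by IP identification value and check each datagram.

    Simplification: real reassembly keys on source, destination, protocol and id.
    """
    groups = defaultdict(list)
    for ip_id, offset, length, more in records:
        groups[ip_id].append((offset, length, more))
    return {ip_id: check_datagram(frags) for ip_id, frags in groups.items()}

if __name__ == "__main__":
    for ip_id, findings in audit(SAMPLE).items():
        print(ip_id, "ok" if not findings else "DROP: " + ", ".join(findings))
```

A datagram with any finding is one a filter should drop rather than pass to the host for reassembly.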

6. E-mail Exploits
E-mail exploitation occurs in five forms: mail floods, command manipulation, transport-level attacks, inserting malicious code, and social engineering. An e-mail attack can cause the system to crash, open and execute or even rewrite application files, or give access to command functions.

7. DNS and BIND Vulnerabilities
Recent news about vulnerabilities in various versions of the Berkeley Internet Name Domain (BIND) application illustrates the fragility of the Domain Name System (DNS), a crisis directed at the basic operation of the Internet.
