The hackers used his expertise in computers to view, find and correct flaws in the security system of a computer system or in a software. However, how does a hacker to penetrate the system a website? IP Spoofing IP Spoofing is also known as the Source Address Spoofing, namely forgery attacker's IP address so that the target considers the attacker's IP address is the IP address of the host in the network instead of from the outside network. Suppose the attacker has type A 66.25.xx.xx IP address when this type of attacks attackers then assaulted Network which will assume the attacker IP is part of the IP networknya 192.xx.xx.xx eg type C.
IP Spoofing
occurs when an attacker 'outsmart' packet routing to change the direction of the data or transmissions to different destinations. Packet routing is usually transmitted to a transparent and clear so it makes easy for an attacker to modify the data source or destination of the data. This technique is not only used by the attacker, but also be used by security professionals to download tracing the identity of the attacker.
FTP Attack
One of the attacks carried out against the File Transfer Protocol is a buffer overflow attack caused by malformed command. destination FTP server to attack this average is to get a command shell or to perform a Denial of Service. Denial Of Service attacks may eventually lead to a user or attacker to retrieve the resource in the network without authorization, while the command shell can make an attacker gain access to the server system and data files that an attacker could eventually make anonymous root-acces having the right full to the system even diserang.Sebagai example network is a popular FTP server UNIX family that WU-FTPD is always in upgrade two times a day to improve the conditions that permit the FTP exploit bufferoverflow also useful to know the password contained in the system, FTP Bounce attack (using the ftp servers of others to carry out attacks), and knowing or mensniff information is in the system.
Unix Finger Exploits
In the early days of the Internet, Unix OS finger efficient utility used to download the information sharing among users. Because the demand for information on this finger information do not blame the rules, many system administrators leave this utility (finger) with minimal security, even without any security at all. For an attacker this utility is very valuable to have information on footprinting, including login names and contact information. The utility also provides an excellent description of user activity within the system, how long the user is in the system and how much users care system. The information generated from this finger can minimize Kracker effort to penetrate a system. Personal information about the user that is raised by the finger daemon is already enough for a atacker to perform social engineering using the social skill to utilize the user to 'tell' passwords and access codes to the system.
Flooding and Broadcasting
An attacker could reduce the speed of the network and the hosts within it is significant in a way continue to request / demand for the information of servers that can handle classic attack Denial of Service (Dos), send a request to a port in excess called flooding, sometimes it is also called spraying. When a request is sent to flood all stations that are in this attack named broadcasting network. The second goal of this attack is the same that make network resource that provides information to become weak and eventually gave up. Flooding attack in a way that is dependent on two factors: the size and / or volume (size and / or volume). An attacker can cause a Denial of Service by throwing a large-capacity files or a large volume of small packet to a system. In such circumstances the network server will deal with congestion: too much information being requested and not enough power to push the data to run. Basically a big package that requires greater processing capacity, but abnormally small package and at a high volume resource will be spent in vain, and the resulting congestion.
Fragmented Packets Attacks
Internet data is transmitted via TCP / IP can be further divided into packages that contain only the first packet of information that the contents of the main part (head) of TCP. Some firewalls will allow to process part of the packages do not contain information on the source address on the packet first, this will result in some type of system to crash. For example, the NT server will be crashed if the packages were broken up (fragmented packet) enough information to rewrite the first packet of a protocol.
Email Exploits
e-mail exploit occurs in five forms, namely: mail floods, manipulation command (command manipulation), the attack rate of transport (transport level attack), include a variety of code (inserting malicious code) and social engineering (utilizing physical socialization ). Email attack could cause the system to crash, open and execute even rewriting the application files or also make access to command functions (command function).
DNS and BIND Vulnerabilities
News recently about vulnerabilities (vulnerabilities) on apps Berkeley Internet Name Domain (BIND) in various versions illustrate the fragility of the Domain Name System (DNS), which is a crisis that is directed at the basic operation of the Internet (internet basic operation) .
Password Attack
Password is a common thing when we talk about security. Sometimes a user does not care about the number of pins they have, such as online transaction in the cafe, even transact online at home is very dangerous if it is not equipped with security software such as SSL and PGP. Password is one procedure that is very difficult to attack, an attacker might have many tools (technically and in social life) just to unlock something password.Ketika protected by an attacker managed to get a password that is owned by a user, then it will have the same power to the user. Train employees / users to remain vigilant in protecting the password of social engineering can at least minimize the risk, except in case of social engineering practices organizations must be aware of this technical way. Most attacks are carried out against password guessing (guessing), brute-force, cracking and sniffing. One Attack Proxy Server Proxy server function is to speed up the response time by bringing together processes from multiple hosts in a trusted network. In most cases, each host has the power to read and write (read / write) which means that what can I do in my system I can also do on your system and vice versa.
Remote Command Processing Attack
Trusted Relationship between two or more host facilities the exchange of information and resource sharing. Similar to a proxy server, trusted relationships give all members equal access to the power network in one and the other system (the network). Attacker will attack the servers that are members of a trusted system. Just as the latency to the proxy server, when access is received, an attacker would have the ability to execute commands and access a user data available to others. Attack File System Remote Protocol-the protocol for data transport backbone of the internet-is TCP level (TCPLevel) with a mechanism that has the ability to read / write (read / write) between network and host. Attacker can easily obtain trace information of this mechanism to gain access to the file directory. Selective Program Program Selective insertions insertions are performed when the attacker attacks put destroyer programs, such as viruses, worms and trojans (you probably already know this term well?) On the target system. Destruction programs is often also called malware. These programs have the ability to damage the system, destruction of files, stealing the password to open the backdoor.
Port Scanning
Through port scanning an attacker can see the function and how to survive a system from a variety of ports. Atacker can gain access to the system through an unprotected port. Sebaia example, scanning can be used to determine where the default SNMP string in the open for the public, which means that the information can be extracted for use in remote attack command.
TCP / IP Sequence Stealing
Passive Listening and PacketInterception Port TCP / IP Sequence Stealing, Passive Listening Port and Packet Interception runs to gather sensitive information to access a network. Unlike active attacks and brute-force, attack using this method have more stealth-like quality.
HTTPD Attacks
Vulnerabilities found in HTTPD or that there are five types webserver: buffer overflows, bypasses httpd, cross scripting, web code vulnerabilities, and floods.HTTPD URL Buffer Overflow can occur because of errors on the attacker adds the port used for web traffic by entering the lot carackter and overflow string to find a suitable place. When a place for overflow discovered, an attacker will insert a string that would be command can be executed. Buffer-overflow can give the attacker access to the command prompt.
Post a Comment