attacks

Security attacks • Categories of attacks – Active attacks – Passive attacks

Upload: arunachalam-rm

Post on 30-Jan-2016


DESCRIPTION

Security attacks

TRANSCRIPT

Page 1: Attacks

Security attacks

• Categories of attacks

–Active attacks

–Passive attacks

Page 2: Attacks

Trojan Horse – Malicious code hidden in a seemingly harmless program, which can cause damage to resources.

Phishing – A duplicate website made to look like a legitimate site, which traps information from the user.

Sniffing – A program that captures data addressed to other machines, or data crossing the network, in order to make use of the information in the communication.

Hacking – A hacker gains remote control over a machine.

DoS attack – DC++ is file-sharing software that has been the source of an attack emanating from hundreds of thousands of Internet Protocol (IP) addresses, with many of the attacks producing more than a gigabit of junk data every second. The sheer number of Internet addresses has caused problems for routers and firewalls.

Page 3: Attacks

Zero-Day Exploit - A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known. There are zero days between the time the vulnerability is discovered and the first attack.

Data Diddling - Data diddling is the changing of data before or during entry into the computer system. Examples include forging or counterfeiting documents used for data entry and exchanging valid disks and tapes with modified replacements.

Smurf Attack - The Smurf Attack is a denial-of-service attack in which large numbers of ICMP packets, with the intended victim's IP address spoofed as the source, are broadcast to a computer network using an IP broadcast address. Most devices on a network will, in their default settings, respond by sending a reply to the source IP address. If the number of machines on the network that receive and respond to these packets is very large, the victim's computer will be flooded with traffic.

Page 4: Attacks

Eavesdropping - Eavesdropping is the act of secretly listening to the private conversation of others without their consent.

Teardrop attack - A DoS attack where fragmented packets are forged to overlap each other when the receiving host tries to reassemble them.

Man-in-the-middle attack - The man-in-the-middle attack (often abbreviated MITM, MitM, MIM, MiM, MITMA) is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.

Page 5: Attacks

Brute force attack - Brute-force attack, or exhaustive key search, is a cryptanalytic attack that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier.

ARP poisoning attack - When two hosts want to communicate with each other over an Ethernet link, the source host must know the MAC address of the destination host. To find it, the source host looks in its ARP table for a MAC address corresponding to the destination host's IP address. If there is none, it broadcasts an ARP Request to the entire network. ARP does not verify replies, so an attacker can send forged replies and poison the ARP table.
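Because ARP replies are accepted without verification, a monitoring host can watch for the two signs of poisoning: a reply nobody asked for, and an IP address that suddenly maps to a different MAC. The detector below is an added example, not part of the original slides; the addresses, the sample capture and the function names are constructed for illustration.

```python
import struct

def build_arp(oper, sha, spa, tha, tpa):
    """Pack a 28-byte Ethernet/IPv4 ARP payload (used only for constructed input)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + mac(sha) + ip(spa) + mac(tha) + ip(tpa)

def parse_arp(payload):
    """Return (oper, sender_mac, sender_ip, target_ip) from an ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return (oper, ":".join(f"{b:02x}" for b in sha),
            ".".join(map(str, spa)), ".".join(map(str, tpa)))

def detect_arp_anomalies(payloads):
    bindings = {}      # sender IP -> first MAC seen claiming it
    pending = set()    # (asker IP, wanted IP) for requests not yet answered
    alerts = []
    for payload in payloads:
        oper, mac, ip, target_ip = parse_arp(payload)
        if oper == 1:                                   # ARP request
            pending.add((ip, target_ip))
        elif oper == 2:                                 # ARP reply
            if (target_ip, ip) not in pending:
                alerts.append(("unsolicited-reply", ip, mac))
            pending.discard((target_ip, ip))
        known = bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append(("binding-changed", ip, known, mac))
    return alerts

# Constructed capture: host .10 asks for the gateway .1, the gateway answers,
# then a second, unrequested reply claims .1 for a different MAC.
GW, HOST, OTHER = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:10", "aa:aa:aa:aa:aa:66"
SAMPLE = [
    build_arp(1, HOST, "192.168.1.10", "00:00:00:00:00:00", "192.168.1.1"),
    build_arp(2, GW, "192.168.1.1", HOST, "192.168.1.10"),
    build_arp(2, OTHER, "192.168.1.1", HOST, "192.168.1.10"),
]

if __name__ == "__main__":
    for alert in detect_arp_anomalies(SAMPLE):
        print(alert)
```

Unsolicited replies also occur legitimately, for example during failover, so these alerts are signals to investigate and not verdicts.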

Ping of death - A ping of death (abbreviated "PoD") is a type of attack on a computer that involves sending a malicious ping to a computer. A ping is normally 56 bytes in size. Many computer systems could not handle a ping packet larger than the maximum IPv4 packet size, which is 65,535 bytes. Sending a ping of this size could crash the target computer.
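The teardrop and ping of death entries both come down to a receiver trusting fragment offsets and lengths during reassembly. The check below, an added example that is not from the original slides, validates a set of fragments before reassembly; the function name, the 20-byte header assumption and the sample fragment lists are constructed, and dropping on any overlap is this example's policy.

```python
MAX_IPV4_PACKET = 65535   # largest total length an IPv4 packet can declare

def check_fragments(fragments, header_len=20):
    """Validate the fragments of one IPv4 datagram before reassembly.

    fragments: iterable of (offset_units, payload_len) pairs that share the
    same source, destination, protocol and identification. Returns a list of
    findings; an empty list means the set is safe to reassemble.
    """
    findings = []
    spans = []
    for offset_units, payload_len in fragments:
        start = offset_units * 8              # the offset field counts 8-byte units
        end = start + payload_len
        # Ping of death case: the reassembled packet would exceed 65,535 bytes.
        if header_len + end > MAX_IPV4_PACKET:
            findings.append(("oversize", header_len + end))
        spans.append((start, end))
    covered = 0                               # highest byte already claimed
    for start, end in sorted(spans):
        # Teardrop case: this fragment starts inside data already covered.
        if start < covered:
            findings.append(("overlap", start, covered))
        covered = max(covered, end)
    return findings

# Constructed inputs: (offset in 8-byte units, payload length in bytes).
NORMAL = [(0, 1480), (185, 1480), (370, 40)]
OVERLAPPING = [(0, 1480), (100, 200)]
OVERSIZE = [(8189, 100)]

if __name__ == "__main__":
    for name, frags in [("normal", NORMAL), ("overlapping", OVERLAPPING),
                        ("oversize", OVERSIZE)]:
        print(name, check_fragments(frags))
```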

Page 6: Attacks

Identity Spoofing - Spoofing occurs when the attacker determines and uses an IP address of a network, computer, or network component without being authorized to do so.

Sybil attack - A Sybil attack is one in which an attacker subverts the reputation system of a network by creating a large number of pseudonymous entities, using them to gain a disproportionately large influence.

Unsolicited messaging - The risks associated with unsolicited messaging, the speed with which they spread and the extent of potential damages are staggering, and increasing exponentially. Spammers can only survive if their messages get to the maximum number of people.

Eclipse attack - In an Eclipse attack, a set of malicious nodes isolates one or more honest nodes. Before an attacker can launch an eclipse attack, control must be gained over a certain number of nodes along strategic routing paths.

Page 7: Attacks

Logic Bomb - A logic bomb is a piece of code intentionally inserted into a software system that will set off a malicious function when specified conditions are met. For example, a programmer may hide a piece of code that starts deleting files (such as a salary database trigger), should they ever be terminated from the company.

Time Bomb - Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fool's Day. Trojans that activate on certain dates are often called "time bombs".

Zip Bomb – A Zip bomb is a file containing multiple nested compressed files that expand exponentially when unzipped. A zip bomb, also known as decompression bomb, is a malicious archive file designed to crash the program or system reading it.
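A program that accepts archives can defend against a zip bomb by measuring the real expanded size, nested archives included, against a byte budget and a nesting limit before anything is written to disk. The following is an added example, not part of the original slides; the limits, the function names and the small in-memory sample are constructed for illustration.

```python
import io
import zipfile

class ArchiveRejected(Exception):
    """Raised when an archive crosses the expansion or nesting limit."""

def expanded_size(data, max_bytes=10_000_000, max_depth=2, chunk=65536):
    """Total bytes the archive expands to, nested zips included, measured in
    memory. Raises ArchiveRejected as soon as a limit is crossed."""
    remaining = [max_bytes]                  # one budget shared by all levels

    def walk(blob, depth):
        if depth > max_depth:
            raise ArchiveRejected(f"nested deeper than {max_depth} levels")
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            for info in zf.infolist():
                buf = io.BytesIO()
                with zf.open(info) as member:
                    # Count what actually comes out instead of trusting the
                    # sizes declared in the archive headers.
                    while piece := member.read(chunk):
                        remaining[0] -= len(piece)
                        if remaining[0] < 0:
                            raise ArchiveRejected(f"expands past {max_bytes} bytes")
                        buf.write(piece)
                if zipfile.is_zipfile(buf):  # member is itself a zip: descend
                    walk(buf.getvalue(), depth + 1)

    walk(data, 0)
    return max_bytes - remaining[0]

def is_acceptable(data, **limits):
    """True if the archive parses and stays within the limits."""
    try:
        expanded_size(data, **limits)
        return True
    except (ArchiveRejected, zipfile.BadZipFile):
        return False

def make_zip(members):
    """Build an in-memory zip from {name: bytes}; used for constructed input."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    return out.getvalue()

# Constructed sample: 1 MB of zero bytes inside a zip inside a zip.
INNER = make_zip({"zeros.bin": bytes(1_000_000)})
SAMPLE = make_zip({"readme.txt": b"hello", "inner.zip": INNER})
```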