There are many different Network Attack Threats, but there are the more common Network Attack Threats such as:
1) IP Address spoofing
The IP Address of a computer is used by most networks and operating systems to identify a valid entry. And it is possible for IP Addresses to be falsely assumed with IP Address Spoofing. Special programs are used by attackers to change into IP packets that seems to have originated from valid addresses inside the corporate intranet. Once the attacker has successfully gained access to the network with a valid IP Address, he/she will be able to modify or delete data, or even change the route of the data.
Picture of how spoofing is done
2) Denial-of-Service Attack (DOS Attack)
The Denial-of-Service Attack (DOS Attack) prevents normal use of network and the computer by valid users. Once the attacker has gained access to your network, the attack is able to:
a) Randomise the Internal Information Systems staff's attention so that they will not see the intrusion immediately, which allows the attacker to initiate more attacks during this diversion.
b) Flood one computer or the whole network with traffic until a shut down occurs due to overloading.
c) Block traffic, which will result in the loss of access to network resources by authorised users.
But, there are solutions to solve or counter the problems caused by the Network Attack Threats.
For IP Address spoofing, users can trace the spoofed IP Packets, and so IP trace-back technology play a big part in discovering the source of the spoofed packets. The two main methods for tracing spoofed IP packets back to the source is Hop-by-Hop trace back and logging of suspicious packets in routers. It can inform the Internet Service Provider (ISP) when a node detects that it has become a victim of a flood attack. During flood attacks, the ISP can determine which router is sending the stream to the victim, and then it can also determine which is the next router that is going to be the next victim. So the ISP would either reach the source of the flood attack or reach the end of its administrative domain.
For DOS attacks, users can use the pattern recognition web application security engine to effectively protect against malicious behavior such as DOS attack. The patterns are regular expression-based and designed to efficiently and accurately identify a wide variety of application-level attack methods.
References:
http://www.tech-faq.com/network-attacks.html
http://technet.microsoft.com/en-us/library/cc959354.aspx
http://www.applicure.com/solutions/prevent-denial-of-service-attacks
http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_10-4/104_ip-spoofing.html
Picture :
http://www.windowsecurity.com/img/upl/ssh1_21026823126250.gif
No comments:
Post a Comment