Attackers attempt a range of tactics and schemes to try to bypass or decode access control mechanisms, making access control one of the most vulnerable and targeted security mechanisms.
Password Attacks
Access control on most systems is achieved with a username and password. One of the weaknesses is users' lapse in maintaining password security, a habit hackers are well aware of and try to use to seize passwords. Two types of attacks are commonly used: a dictionary attack or a brute-force attack.
- Dictionary Attacks: A dictionary attack uses a fixed dictionary file that a program will scan to find a match with a user’s password. Passwords are typically registered in a hashed format. Most password-decoding programs use a method called comparative analysis where all commonly used variations of words in the dictionary file are hashed. The resulting hash is then compared to the encrypted password. If a match is found, the password is decoded. So in the case of passwords that are commonly known, or dictionary-based words, a dictionary attack will crack them pretty quickly.
- Brute-Force Attacks: A brute force attack is a unilateral trial of every possible combination of letters, numbers, and symbols in an aggressive plot to seize passwords for user accounts. Today’s advanced technology lends itself to the success of brute force attacks even with strong passwords, however, the length of the password enhances its protection against brute force attacks because lengthy passwords require more time to decode. Still, most passwords of 14 characters or less can be decoded within 7 days.
One type of brute-force attack uses a rainbow table. In this variation, all possible passwords are pre-computed before an attack is launched. Once it scans all potential passwords, their corresponding encrypted values are stored in a file called the rainbow table. The encrypted data is then compared to variations stored in the rainbow table and can be cracked in a matter of seconds.
Back Door Attacks
A back door attack gives an attacker access to a system from another device using their own login credentials. Back doors are placed in the system to allow a programmer to debug and modify code during a test-run of the software. Another type of back door can be implemented in a system by malicious code, allowing uncontrolled access to systems or services. Software programs that use a back door:
- Virtual Network Computing (VNC)
- Back Orifice
- NetBus
- Sub7 (or SubSeven)
- PC Anywhere
- Terminal
The malicious code can also be concealed in another application, or what’s known as a Trojan horse.
Spoofing, Man-in-the-Middle and Replay Attacks
Spoofing is a process that alters a packet at the TCP level. The attacker dispatches a packet with an IP address of a known and trusted host to the target host, gaining access as an imposter. The attacker can also masquerade known services such as Web, FTP, and email.
A man-in-the-middle attack is a tactic that’s used to snag information transmitted between two hosts. This method allows the attacker to position itself between the two hosts while remaining invisible to them. This is achieved through altering routing information and DNS values, IP address theft, or defrauding of ARP caches to replicate two legitimate hosts. Using a man-in-the-middle plot allows an attacker to obtain logon credentials or sensitive data that is being transmitted, and modify that data before forwarding it to the intended host. To defend against a man-in-the-middle attack, you need to implement DNS protection by blocking access to its records and name caching system.
A replay attack, also known as a playback attack, has similarities to a man-in-the-middle attack. In replay attacks, the attacker will chronicle the traffic between a client and server then resend the packets to the server with minor changes to the source IP address and time stamp on the packet. This opens up an opportunity for the attacker to go back to the previous communication link with the server and access data. To protect your system from this type of invasion, applying complex sequencing rules and time stamps will counteract re-transmitted packets being accepted as valid.
