Various Types of Attacks
Various types of Attacks In this lesson we explore Various Types of Attacks. The first attack we examine in this this lesson is the Man and the Middle Attack and demonstrates how this attack work both client and how the website thinks the attack is really a valid user. We also discuss Denial & Distributed Denial of Service attacks, and how they dif...
Various types of Attacks In this lesson we explore Various Types of Attacks. The first attack we examine in this this lesson is the Man and the Middle Attack and demonstrates how this attack work both client and how the website thinks the attack is really a valid user. We also discuss Denial & Distributed Denial of Service attacks, and how they differ, Spoofing, Spam and other types of malicious Attacks. [toggle_content title="Transcript"] Welcome again, I'm John Oyeleke, subject matter expert for the secured close Exam, Security plus as S-Y-0-4-0-1 today we will be talking about various types of attacks. The first attack we look at is the man in the middle attack. This is called a man in the middle attack, usually represented on the exam will be like that. In this type of malicious person seeks to place a suspicious server between you or the system between you and the server you intend to visit online. We have… if we have your P.C. over here and we have the Web site over here. This is your P.C. The malicious person seeks to place their server in between or the system in between. The idea behind this is that all communications between you and the Web site tend to go to the Man in the middle. So this person has the opportunity to eavesdrop on your communications. You send your credentials to look into get on the web site your credentials are copied; probably a session key is coming from the Web site to you. That could also be copied. The man in the middle could then replay your credentials to the Web site. This way they have access to the Web site and the Web site believes it's you effectively the man in the middle is impersonating you to gain access to the Web site. Next on our syllabus is what is called a denial of service attack. In a denial of service attack, malicious persons exhausted available resources. The idea is to exhaust available resources such that this resource is unavailable for legitimate users. This is an attack against availability as discussed in the CIA where "A" is the availability of resources. In a denial of service attack the resources available for users this could be broadband access to the Internet, This could be network access to a resource. Those resources are exhausted in such a way that when a legitimate user seeks to use these resources they either get an error message or the resource not available. Another formal denial of service is something called the Distributed Denial of Service. Distributed denial of service in this type of attack, the malicious person will distribute the attack over multiple computers hundreds or thousands of computers across the Internet. We will have the attacker's computer on the Internet. The attacker will seek out numerous computers, these computers are not secure, the attacker would plant some software in them which we call a boot and at specific intervals the attacker starts to send out a signal to these machines. At the end of all of this we have the victim. This computer will receive a signal they also know because of the boot within them, they also start to send messages. Everyone is sending. Overall the attack is distributed across these Computers to overwhelmed victim. The victim is too busy a process or attempting to process all these messages and becomes unavailable to legitimate uses. The magnitude of the attack is in the distribution over multiple computers. These Computers do not know they are taking part in an attack. So we refer to them as zombies. The robots in there as well, the boot software installed by the attacker simply continues to allow these machines to send and not receive. Send messages. We also call these botnet. Malicious persons seek to use this strategy; One, to have a very strong impact on the victim and also to hide their track because this computer could be in numerous places across the world, on the Internet makes it difficult to back track where the source of the attack is coming from. That is a distributed denial of service. We have another type of attack which we call spoofing. This is a form of electronic impersonation. A malicious person on a network could spoof an IP address or a MAC address. You could spoof the IP say your computer or computer A has IP Address 192.168.10.150 and computer B has 192.168.10.75 for example. Computer A has access to the Internet. Computer B has no access to the Internet. They user of computer B. could spoof the IP address of computer A such that their computer now has access to the Internet. Essentially spoofing is miscoding to be another person. So this computer B could miscode to be a computer A to gain access to a resource or send a message out pretending to be a computer A. This could be used in numerous types of attacks one of which is called a smart attack. In the small attack computer A will spoof the IP address of computer B and flawed in a broadcast network with a pin .So say we have a request going out of pin going out to the device here. Computer A will spoof the IP address of computer B so the message leaving would appear to come from 192.168.10.75. This pin is also sent out to all the machines on the broadcast network, think by the time they all reply all replies go to computer B. The overwhelming computer B possibly causing it to crash, freeze or become unavailable. Another type of attach is something we call spam. Spam is also resent emails. They push adverts, advertisements to you the Internet; this has some potential to overlook maybe your server space so your space is consumed. You run out of space. You also have to waste time looking through emails to see what emails are legitimate and what emails is waste of your time. Effectively you waste space to your servers, you waste time and time is money. This is also spam. Now sometimes some malicious persons will attempt to do spam over social network. And in this social network they will use Instant Messenger. On social networks they would use Instant Messenger. Which we say IM instant messenger. If you have a spam over social network or spam over instant messengers so that is spam plus instant messenger we have a spin. You are getting spam over social networks. That is what we call spin. [/toggle_content]
Vulnerability Management is a continuous information security risk process that requires management oversight and includes a 4-tier approach of: discovery, reporting, prioritization, and response