1. Network Attacks

  1. What is a Network Attack?
  2. Why are Networks Attacked?
  3. Types of Network Attacks
  4. Sources of Attacks

What is a Network Attack?

An attack is an information security threat that involves computer networks as a medium to


Why are Networks Attacked?


Types of Attacks

  1. Active Attacks
  2. Passive Attacks


Denial of service Attack


Back door Attack


Spoofing Attack


Brute force Attack


Software exploitation Attack


Types of Software

  1. Good Software
  2. Bad Software / Malicious Software

MALicious SoftWARE = MALWARE


MALWARE

Any kind of intrusive software that is installed without consent can be classified as malware. It can be code, scripts or active content.


Some common & popular types of malware


Viruses

spreads via deliberate user action such as downloading a file or running a program

A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels. Viruses can range in severity from causing mildly annoying effects to damaging data or software and causing denial-of-service (DoS) conditions. Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program. When the host code is executed, the viral code is executed as well. Normally, the host program keeps functioning after it is infected by the virus. However, some viruses overwrite other programs with copies of themselves, which destroys the host program altogether. Viruses spread when the software or document they are attached to is transferred from one computer to another using the network, a disk, file sharing, or infected e-mail attachments.


Worms

spreads automatically by replicating itself across computers or networks

Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them. A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.


Trojans

spreads by appearing safe or desirable but disguising its true intent (e.g., backdoors)

A Trojan is another type of malware named after the wooden horse the Greeks used to infiltrate Troy. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create back doors to give malicious users access to the system. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the Internet.


Spyware

monitors user activities for marketing purposes or keylogs user credentials


Adware

serves unwanted ads or redirects user’s browser traffic


Rootkits

A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. The term rootkit is a combination of the two words “root” and “kit.” Originally, a rootkit was a collection of tools that enabled administrator-level access to a computer or network. Root refers to the Admin account on Unix and Linux systems, and kit refers to the software components that implement the tool. Today rootkits are generally associated with malware – such as Trojans, worms, viruses – that conceal their existence and actions from users and other system processes.

Stuxnet - the first known rootkit for industrial control systems


OWASP 🐝

Open Web Application Security Project


OWASP Top 10

  1. Injection
  2. Weak Authentication and session management
  3. XSS (Cross site scripting)
  4. Insecure Direct Object References
  5. Security Misconfiguration
  6. Sensitive Data Exposure
  7. Missing Function Level Access Control
  8. Cross Site Request Forgery
  9. Using Components with Known Vulnerabilities
  10. Unvalidated Redirects and Forwards

Sources of attacks