Types of hacking attacks
Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Types of hacking attacks

  1. #1
    Junior Member
    Join Date
    Jun 2007
    Posts
    4

    Types of hacking attacks

    Hi friends........i'm doing a project in Network Security, and my prof has asked me to learn about various types of attacks.........since it is such a large field i'm having trouble finding appropriate resources..........can someone plz help me out here

  2. #2
    Junior Member AarzaK's Avatar
    Join Date
    Jul 2006
    Location
    Venezuela
    Posts
    29
    Hello!

    Welcome to the Antionline community!

    I am not a software security expert, but I am found it in google.

    http://www.crucialp.com/resources/tu...ow-and-why.php


    There are five forms of attacks commonly used against computers and networks, according to Aaron Turpen, in his article 'Hacker Prevention Techniques.'

    1. Distributed Denial of Service (DDoS) attacks
    * usually aimed at networks by third party systems (typically, compromised systems lacking security that unwittingly become hacker accomplices)
    * focuses on open ports and connections in the network or system
    * they undermine the network by flooding it with requests and "pings," thereby causing one or more systems and their resources to shut down or crash
    * major systems usually recover from such attacks easily and completely

    2. Trojan Horse
    * software disguised as something else (typically useful shareware or freeware) and so are installed in your system consciously
    * it either contains
    o a "back door," (which allows others to enter your system, and do what they want with it, while you're using the software), or
    o a "trigger," (sets itself off when triggered, either by a date or a time or a series of events, etc., and cause your system to shut down or attack other computers; can be part of a DDoS attack
    * SpyWare is a less malicious version (it fills commonly-used form fields for you while also collecting information to send to advertisers and marketing companies)
    * difficult to detect
    3. Virus
    * most common
    * primary concern is to replicate and spread itself, and then destroy or attempt an attack on the host system
    * examples include: I Love You; Crazy Boot, Cascade; Tequila; Frodo
    4. Websites - malicious sites that use known security holes in certain Web technologies to trigger your web browser to perform unwanted functions in your system (ex. an older version of ActiveX had a "hole" that allowed content in any one folder or directory on your hard drive to be automatically uploaded to a web directory or emailed to a receiver)
    5. Worm
    * it consumes resources (quietly) until the system finally becomes overloaded and ceases to function
    * a combination of a DDoS and a virus attack
    * usually reproduces as often as possible to spread as widely as they can
    * typically built for a certain type of system and is benign to all others
    * commonly aimed at larger systems (mainframes, corporate networks, etc.); some are built to "consume" data and filter it back out to unauthorized users (i.e. corporate spies)
    * examples are Sobig and Mydoom


    Hope others guys can help you.

    Cheers,


    AarzaK
    Last edited by AarzaK; June 10th, 2007 at 04:12 PM.
    I Was Sent...
    aarzak_@hotmail.com
    http://aarzak.fadlan.com
    http://www.iitac.org

    Alyssa: Aarzak! Save the world!
    Aarzak: I am the only one who can save this world!
    The Last Battle - Sega(c) Games 1989

  3. #3
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    Welcome to AO! I would say Aarzak gave you a pretty definitive list there. Not much to add. Well done Aarzak.

  4. #4
    Junior Member
    Join Date
    Jun 2007
    Posts
    4
    thnx for the quick reply..............another thing i wanted to ask is that my prof has also asked me to implement some of these attacks , but without using any tools , and my knowledge in this field is somewhat limited to socket programming in C and creating sniffers, scanners.........so what else do i need to know in this field
    Do the above 5 forms of attack cover the entire range..........moreover i sort of need a detailed info on these..........hope u can help a bit more..........thnx

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Nice move to get someone to explain how to hack ...
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    Member
    Join Date
    Sep 2006
    Location
    At a keyboard
    Posts
    82
    I'm going to have to agree with cider. Professors will not usually ask you to do something that has not already been covered in a course.
    "I have died, I will die, It's alright, I don't mind"

  7. #7
    Banned
    Join Date
    Aug 2005
    Posts
    8
    If it bothers you that badly then why do you two feel so compelled to announce that you are annoyed by his questions... to which you really have nothing to add beyond your complaints anyway. I don't think this is the sort of behavior associated with intellectual computer users.

    and my knowledge in this field is somewhat limited to socket programming in C and creating sniffers
    If you could (for example) hook the winsock librarys then surely you could host web-based scripts which are open to SQL injection, remote file inclusion, and XSS then exploit these flaws with nothing but a browser.
    Last edited by rlt; June 11th, 2007 at 03:23 AM.

  8. #8
    Member
    Join Date
    Sep 2006
    Location
    At a keyboard
    Posts
    82
    Most quite simply due to the fact that this board is plagued with "how do i hack x" posts. Mabey I was entirely wrong and the class is teaching theoretical network security and asking for students to show examples from research materials that were not offered by the course.
    "I have died, I will die, It's alright, I don't mind"

  9. #9
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    And that really is the point, and the most difficult thing for us to ascertain here. Is the question really a security question, or a hacking question masquerading as one? The line can become almost invisible sometimes, but we still have to try to find it.

  10. #10
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    to websites i would recommened you take a looksie at.

    http://www.0x000000.com/?

    http://milw0rm.com

Similar Threads

  1. A look into IDS/Snort Whole thing by QoD
    By qod in forum The Security Tutorials Forum
    Replies: 6
    Last Post: February 27th, 2004, 03:03 AM
  2. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  3. Understanding DoS
    By NullDevice in forum The Security Tutorials Forum
    Replies: 21
    Last Post: December 17th, 2003, 10:03 PM
  4. You can be a Certified Ethical Hacker...
    By -DaRK-RaiDeR- in forum AntiOnline's General Chit Chat
    Replies: 13
    Last Post: January 10th, 2003, 07:10 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •