As the world is gradually becoming a digital textbook, where connectivity is the foundation of our daily lives, the integrity and security of computer networks have become vital.
Cyberspace has become so intricate and understanding the various types of network attacks is crucial. On this page we shed light on the diverse range of threats that lurk in the shadows of the digital realm, posing challenges to individuals and organizations alike.
There are four primary types of attacks, they are:
i. Reconnaissance
ii. Access
iii. Denial of Service
iv. Worms, Viruses, and Trojan Horses
1. Reconnaissance Attacks
A reconnaissance attack is a kind of information gathering on network systems and services. This enables the attacker to discover vulnerabilities or weaknesses in the network. It could be likened to a thief surveying through a car parking lot for vulnerable – unlocked – cars to break into and steal stuff.
Reconnaissance attacks can consist of:
a, Internet information lookup
b, Ping sweeps
c, Port scans
d, Packet sniffers
Internet information lookup
Network intruders can use Internet tools, such as the nslookup and whois utilities, to easily determine the IP address space assigned to a given organization or network. After finding out the IP address, the intruder can then ping the publicly available IP addresses to identify the active addresses.
Ping sweeps
There are automated ping sweep tools that an attacker can use, such as fping or gping, these tools methodically ping all network addresses in a given range or subnet. This is like going through a section of a telephone directory and calling each number to know who answers.
Port scans
When the attacker discovers active IP addresses, the intruder or attacker uses a port scanner (Nmap or Superscan -software designed to search a network host for open ports) to determine which network services or ports are active on the active IP addresses. The port scanner queries the ports to determine the application or operating system (OS) type and version, running on the targeted host.
Based on the information gathered, the intruder can determine if a possible vulnerability or weakness that can be exploited exists.
Packet Sniffers
Packet sniffing or Network snooping are common terms for eavesdropping. The information gathered by eavesdropping can be used to pose other attacks on the network.
A common method for eavesdropping on communications on a network is to capture TCP/IP or other protocol packets and decode the contents using a protocol analyzer or similar tools such as Wireshark. After packets are captured, they can be examined for vulnerable information.
An intruder to eavesdrop on a management protocol called SNMP can use a protocol analyser or Wireshark.
SNMP provides a means for network devices to collect information about their status and send it to an administrator. An intruder could eavesdrop on SNMP versin1 queries and gather valuable information on network device configuration.
Types of Network Attacks
In Summary, One of the most common types of network attacks is a Denial of Service (DoS) attack. This type of attack floods a network with an overwhelming amount of traffic, causing it to become slow or crash completely. Another common type of attack is a Man-in-the-Middle (MitM) attack, where an attacker intercepts communication between two parties without their knowledge. Phishing attacks are also prevalent, where attackers attempt to trick users into providinga sensitive information such as passwords or credit card numbers.
Denial of Service (DoS) Attacks
Malicious Codes Attacks: Worm, Virus, and Trojan Horse
