Please enable JavaScript.

Coggle requires JavaScript to display documents.

Introduction Vulnerabilities, Threat and Attack (ACCESS (ACCESS ATTACK…

- - - - Packet sniffers
      - Port scans
      - Ping sweeps
      - Internet information queries
- - - - Man-in-the-middle attacks
        
        Requires that the hacker have access to network packets that come across a network.
        The possible uses of such attacks are theft of information, hijacking of an ongoing session to gain access to private network resources, traffic analysis to derive information about a network and its users, denial of service, corruption of transmitted data, and introduction of new information into network sessions
      - Social engineering
        
        The easiest hack involves no computer skill at all. If an intruder can trick a member of an organization into giving over valuable information, such as locations of files, and servers, and passwords, the process of hacking is made immeasurably easier.
        the simplest, but a still-effective attack is tricking a user into thinking one is an administrator and requesting a password for various purposes.
      - Phishing
        
        Phishing is a type of social-engineering attack that involves using e-mail or other types of messages in an attempt to trick others into providing sensitive information,
        such as credit card numbers or passwords.
      - Trust Exploitationan
        
        An attack in which an individual takes advantage of a trust relationship within a network. The classic example is a perimeter network connection from a corporation. These network segments often house Domain Name System (DNS), SMTP, and HTTP servers.
        Because all these servers reside on the same segment, the compromise of one system can lead to the compromise of other systems because these systems usually trust other systems attached to the same network.
      - PASSWORD ATTACK
        
        Can be implement using several method,
        including brute-force attacks, trojan horse programs, IP spoofing, and packet sniffers.
        
        Two methods for computing passwords:
        
        Dictionary cracking
        All of the words in a dictionary file are computed and compared against the possible users’ password.
        This method is extremely fast and finds simple passwords.
        
        Brute-force computation
        
        This method uses a particular character set, such as A to Z, or A to Z plus 0 to 9, and
        computes the hash for every possible password made up of those characters.
        
        It always computes the password if that password is made up of the character set you have selected to test.
        
        The downside is that time is required for completion of this type of attack.