Security Attacks
This page lists types of security attacks. This document will address security issues, measures, and policies which take these types of attacks into consideration.
- DoS - Denial of Service
- Trojan Horse - Comes with other software.
- Virus - Reproduces itself by attaching to other executable files.
- Worm - Self-reproducing program. Creates copies of itself. Worms that spread using e-mail address books are often called viruses.
- Logic Bomb - Dormant until an event triggers it (Date, user action, random trigger, etc.)
Hacker Attacks
I use the term "hacker attacks" for attacks that are not automated by programs such as viruses, worms, or trojan horse programs. They take various forms that exploit weaknesses in security, and many of them may cause loss of service or system crashes.
- IP spoofing - An attacker may fake their IP address so the receiver thinks a packet was sent from a location that it is not actually from. There are various forms and results to this attack.
  - The attack may be directed to a specific computer addressed as though it is from that same computer.
  - Gaining access through source routing. Hackers may be able to break through other friendly but less secure networks and get access to your network using this method.
- Man in the middle attack -
- Session hijacking - An attacker may watch a session open on a network. Once authentication is complete, they may attack the client computer to disable it, and use IP spoofing to claim to be the client who was just authenticated and steal the session.
- Server spoofing - A C2MYAZZ utility can be run on Windows 95 stations to request LANMAN (in the clear) authentication from the client.
- DNS poisoning - This is an attack where DNS information is falsified. This attack can succeed under the right conditions, but may not be very practical as an attack form.
- Password cracking - Used to get the password of a user or administrator on a network and gain unauthorized access.
Some DoS Attacks
- Ping broadcast - A ping request packet is sent to a broadcast network address where there are many hosts. The source address is shown in the packet to be the IP address of the computer to be attacked.
- Ping of death - An oversized ICMP datagram can crash IP devices that were made before 1996.
- Smurf - An attack where a ping request is sent to a broadcast network address with the sending address spoofed so many ping replies will come back to the victim and overload the ability of the victim to process the replies.
- Teardrop - A normal packet is sent. A second packet is then sent which has a fragmentation offset claiming to be inside the first fragment.
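
A defensive check for the Teardrop condition described above, as an added example that is not part of the original page: it parses IPv4 headers and reports any fragment whose byte range overlaps an earlier fragment of the same datagram. The function names, addresses and sample packets are constructed for illustration.

```python
import struct

def parse_fragment(packet: bytes):
    """Return (datagram_key, start, end, more_fragments) for one IPv4 packet."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    (ver_ihl, _tos, total_len, ident, flags_frag,
     _ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        raise ValueError("not a consistent IPv4 header")
    start = (flags_frag & 0x1FFF) * 8          # offset field counts 8-byte units
    end = start + (total_len - ihl)            # first byte past this fragment
    return (src, dst, proto, ident), start, end, bool(flags_frag & 0x2000)

def find_overlaps(packets):
    """Report (key, new_range, earlier_range) for each overlapping fragment pair."""
    seen, findings = {}, []
    for pkt in packets:
        key, start, end, more = parse_fragment(pkt)
        if start == 0 and not more:
            continue                           # unfragmented datagram
        for s, e in seen.get(key, []):
            if start < e and s < end:          # byte ranges intersect
                findings.append((key, (start, end), (s, e)))
        seen.setdefault(key, []).append((start, end))
    return findings

def build(ident, offset, payload_len, more):
    """Constructed sample packet (documentation addresses, zero checksum)."""
    flags_frag = (0x2000 if more else 0) | (offset // 8)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident,
                         flags_frag, 64, 17, 0,
                         bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return header + bytes(payload_len)

# Constructed samples: a well-formed fragment pair and a Teardrop-style pair.
NORMAL = [build(1, 0, 40, True), build(1, 40, 16, False)]
OVERLAP = [build(2, 0, 40, True), build(2, 24, 8, False)]

if __name__ == "__main__":
    for name, sample in (("normal", NORMAL), ("overlap", OVERLAP)):
        for _key, new, old in find_overlaps(sample):
            print(f"{name}: fragment {new} overlaps earlier fragment {old}")
```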
