When you deeply understand the thinking of hackers, you may realize that there are two types of hackers You will definitely encounter-passive and active. Know the types of attacks they carried out Will prepare you to install the correct way to protect the system you are trying to protect Security Protocol.
What is a Passive Attack?
A passive attack is an attack wherein the hacker waits for the perfect opportunity to penetrate your system. This type of attack is typically done in order for a hacker to observe your networking structure, the type of software you use, or any security measures that you have already installed.
Passive attacks typically happen when a hacker monitors possible system vulnerabilities without making any changes to the data that he targets. You can think of this attack as a hacker’s means of researching his target in order to launch a more effective attack.
Passive attacks are classified into:
1. Active reconnaissance
This happens when an intruder listens right into a targeted system by engaging the target to find out where the weak points are. This is typically done through port scanning, which is an effective tactic to find out where the vulnerable ports are located and what type of data they normally host. After discovering the vulnerability, a hacker may engage this weak point and exploit the services that are associated with them.
2. Passive reconnaissance
This happens when a hacker chooses to study the targeted system without actively engaging it, without the intention of directly engaging the target. Passive reconnaissance tactics include wardriving (discovery of unprotected wireless network), dumpster diving (finding data on discarded devices or documents), or masquerading (pretending to be a network user with authorization)
These two tactics can be essential tools when it comes to discovering vulnerabilities in your computer system to enable you to prevent any further attacks. Once you are able to use reconnaissance tactics, you can easily map out where the weak points of your computer system really are.
Once you are able to identify vulnerable points through the use of test reconnaissance attacks, you will realize that the simplest and best way to protect your computer system from snooping is to install an IPS (intrusion prevention system), which will serve as your safeguard from port scans and your automated method of shutting down any attempts of a port scan before an intruder gets the complete map of your network. At the same time, you can also install a good firewall that will control the visibility of your network’s ports.
What is an Active Attack?
Active attacks are direct attacks on the target network. Hackers aim to create data changes or Create data that attaches itself to the target for further use.
Active attacks are usually divided into the following categories:
1. Camouflage attack
In this attack, the hacker pretended to be a legitimate user of the network in order to obtain more in-depth information. Access or better authorization. Hackers usually do this by using hacked user IDs and passwords. Bypass the authentication system, or exploit the security vulnerabilities that have been discovered.
Once the hacker successfully penetrated into the system as he pretended to be Owned, they can easily change or delete any software or files and even kick out the authorization Users on the network. They can also modify the network and router settings, May allow them to access
2. Session replay
In this attack, the hacker used the stolen session ID to create an automatic The next time the target visits a specific website, the identity will be verified. This attack exploits The nature of the Web to store forms, cookies, and URLs on the browser. Once the hacker obtains the data used Through the specific session ID on the target website, he can continue the session replay attack, This allows him to perform all operations that the legitimate user of the ID can perform.
Since session replay attacks do not occur in real-time, this type of attack usually occurs in The legitimate user found a discrepancy in his account. In most cases, the victim of a session replay The attack only discovered that their account had been compromised when the identity was compromised happened.
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS)
DoS attacks are defined as denying access or services from legitimate users-you can see all The service running on the computer slows down or exits suddenly when you use it. A sort of, On the other hand, DDoS attacks involve a large number of systems that have been attacked before. Be hacked to attack a specific target.
Although DoS and DDoS attacks are not used to damage the target’s security system or steal data, they Can be used to generate a loss of profit or make the computer system completely useless during the operation used. Usually, these attacks are designed to cause a temporary interruption of the network connection and Reject all related services. In some cases, these attacks can also damage certain files And the program on the target computer.
DoS or DDoS attacks are very similar to slow Internet connections and slow computers at the same time. During this type of attack, you may feel that your network performance is abnormal The speed is slow and you cannot visit any website. At the same time, it’s easier to find out if You are being targeted-you may see that you receive too much spam or other Signs of abnormal traffic.
Now that you understand the types of attacks that hackers may launch, it’s time to learn how Hackers can activate them and be ready to take countermeasures.
Comments
Post a Comment