An active attack is a direct exploit on a targeted network, in which a hacker aims to create data changes or create data that will attach itself to the target to make further exploits.
Active attacks are typically classified into the following:
1. Masquerade attack
In this attack, a hacker pretends to be a legitimate user of the network in order to gain deeper access or better authorization. A hacker typically does this by using hacked user IDs and passwords, bypassing an authentication system, or exploiting discovered security flaws.
Once a hacker becomes successful in infiltrating the system with the identity that he pretends to have, they can easily make changes or delete any software or file, and even kick out authorized users on a network. They can also make modifications on the network and router settings, which may allow them to gain access to the
2. Session replay
In this attack, a hacker makes use of a stolen session ID in order to create an automatic authentication the next time the target accesses a particular website. This attack exploits the web’s nature of storing forms, cookies, and URLs on a browser.
Once the hacker gets the data used by a particular session ID on a targeted website, he can then proceed to a session replay attack, which allows him to do everything that the legitimate user of the ID can do. Since session replay attacks do not happen on real time, this attack is typically discovered once the legitimate user finds discrepancies on his account. Most of the time, victims of a session replay attack only discover that their accounts has been compromised when identity theft already occurred.
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS)
A DoS attack is defined as the denial of access or service to a legitimate user – you can see that all services that are running on your computer are slowing down or quit suddenly as you use them. A DDoS attack, on the other hand, involves a larger number of systems that have been previously compromised by a hacker to attack a particular target.
While DoS and DDoS attacks are not used to destroy a target’s security system or to steal data, it can be used to generate profit loss or to render a computer system entirely useless while it is being used. Usually, these attacks are made to create a temporary loss in connectivity on a network and deny all related services. In certain occasions, these attacks can also work to destroy certain files and programs on a targeted computer.
A DoS or a DDoS attack is very similar to having a slow internet connection and a slow computer at the same time. During such an attack, you may feel that your network’s performance is unusually slow and you cannot access any website. At the same time, it is also relatively easy to find out if you are being targeted for an attack – you may see that you are receiving too much spam or other signs of unusual traffic.
Now that you have an idea on the types of attacks that a hacker may launch, it’s time for you to learn how a hacker can launch them and prepare yourself to do countermeasures
No comments:
Post a Comment