An attack usually is perpetrated by someone with bad intentions: Black hatted attacks falls in this category, while other perform Penetration testing on an organization information system to find out if all foreseen controls are in place.
The attacks can be classified according to their origin: i.e. if it is conducted using one or more computers: in the last case is called a distributed attack. Botnet are used to conduct distributed attacks.
Other classifications are according to the procedures used or the type of vulnerabilities exploited: attacks can be concentrated on network mechanisms or host features.
Some attacks are physical: i.e. theft or damage of computers and other equipment. Others are attempts to force changes in the logic used by computers or network protocols in order to achieve unforeseen (by the original designer) result but useful for the attacker. Software used to for logical attacks on computers is called malware.
The following is a partial short list of attacks:- Passive
- Network
- wiretapping
- Port scanner
- Idle scan
- Network
- Active
- Denial-of-service attack
- Spoofing
- Network
- Man in the middle
- ARP poisoning
- Ping flood
- Ping of death
- Smurf attack
- Host
- Buffer overflow
- Heap overflow
- Format string attack
No comments:
Post a Comment