Traditional Culture Encyclopedia - Traditional stories - Four main types of network attacks
Four main types of network attacks
Browser-based network attacks are related to the second common type. They try to destroy machines through web browsers, which is one of the most common ways people use the Internet. Browser attacks usually start from legitimate but vulnerable websites. The attacker attacked the website and infected it with malware. When a new visitor arrives (through a web browser), the infected site will try to force malware into its system by exploiting the vulnerability in its browser.
strength
A brute force attack is similar to knocking down the front door of the network. Attackers try to find the password of a system or service through trial and error, instead of trying to trick users into downloading malicious software. These cyber attacks can be very time-consuming, so attackers usually use software to automatically perform the task of typing hundreds of passwords.
Violent cracking attacks are one of the important reasons for following password best practices, especially on key resources such as network routers and servers.
Long and complicated passwords are more difficult to be cracked by brute force than stupid passwords (such as "123456", "qwerty" and "password"). Rest assured: these are the first keys that the attacker tried.
Denial of service (DDoS) attack
Denial of service attacks (also known as distributed denial of service attacks (DDoS)) rank third in the list of network security attacks and are increasing every year.
DDoS attacks try to overwhelm resources such as websites, game servers or DNS servers-full traffic. Usually, the goal is to slow down the system or crash it.
But the frequency and complexity of DDoS attacks are increasing.
worm virus
Malware usually requires user interaction to start infection. For example, this person may have to download a malicious email attachment, visit an infected website, or plug an infected USB into the computer. Worm attacks will spread by themselves. They are self-propagating malware and do not require user interaction. Usually, they use system vulnerabilities to spread outside the local network.
WannaCry ransomware infected more than 300,000 computers in a few days, using worm technology to attack networks and computers.
WannaCry quickly destroyed a machine with a wide range of Windows vulnerabilities. Once the machine is infected, malware will scan the connected LAN and WAN to find and infect other vulnerable hosts.
Malware attack
Of course, malware is an application created by malware to harm, hijack or monitor an infected system. It is not clear why "worm attacks" are not included in this category-because they are usually related to malware.
In any case, malware is common and well known. It spreads in three common ways:
Phishing mail? Attackers create emails to lure victims into a false sense of security and trick them into downloading attachments that eventually become malware.
Malicious website? Attackers can build websites that contain toolkits, which are designed to find vulnerabilities in website visitors' systems and use them to force malware into their systems. These websites can also be used to disguise malware as legitimate downloads.
Malicious advertisement? Clever attackers have found ways to distribute goods through advertising networks. After clicking, malicious advertisements can redirect users to malware hosting websites. Some malicious advertising attacks can even infect the system without user interaction.
network attack
Public-oriented services, such as Web applications and databases, are also targets of network security attacks.
The most common network application attacks:
Cross-site scripting (XSS)? Attackers destroy vulnerable websites or web applications and inject malicious code. When the page loads, the code will execute malicious scripts on the user's browser. Instead of submitting standard data to text boxes or other data entry fields, SQL injection (SQLi) attackers enter SQL statements to trick applications into displaying or manipulating their data.
Path traversal? Attackers formulate HTTP requests to bypass access control and navigate to other directories and files in the system. For example, a path traversal attack can grant an attacker access to the core files of a site's Web server, not just the contents of a single website.
Scanning attack scanning is not a thorough network attack, but a reconnaissance before the attack. Attackers use widely used scanning tools to detect public-oriented systems in order to better understand existing services, systems and security.
Port scanner is a simple tool to determine the open ports of the system. There are several types, some of which are designed to prevent the detection of scanned objects.
Vulnerability Scanner collects information about the target and compares it with known security vulnerabilities. The result is a list of known vulnerabilities on the system and their severity.
Other attacks
We can only speculate on the type of network attack that binds "other". In other words, there are some common doubts:
Physical attack? Trying to destroy or steal the network architecture or system in an old-fashioned way. Stolen laptops are a common example.
Insider attack? Not all cyber attacks are carried out by outsiders. Angry employees, criminal third-party contractors and clumsy employees are just a few potential participants. They can steal and abuse access credentials, abuse customer data or accidentally disclose sensitive information.
Advanced persistent threat? The most advanced cyber attacks are carried out by elite hacker teams, who adjust and customize the technology according to the target environment. Their goal is usually to steal data for a long time through hiding and "persistence".
Expand the rest of the content
- Previous article:202 1 composition materials for senior high school entrance examination
- Next article:What are the sceneries in Fuqing Haiyao
- Related articles
- Analysis of the current situation of network marketing
- Putuo District Yuantong cloud warehouse sent by the courier can be received?
- What does the O-to-O mode mean?
- What is the most important festival in France?
- Which one is better, Anshan Wenhua Private School or Yuying?
- Enamel identification, enamelware enthusiasts of the required courses
- Sichuan's specialty some things?
- Black-and-White Illustration of Food ¡ª¡ª How to Draw New Year's Food Handwritten Newspaper
- Grand Canal The magnificent scenery of Hangzhou Canal Square.
- What are the good technical schools in Cangzhou in 2022?