Skip to main content

Network Attack Types in brief explanation

In general,we can classify the network attacks in three part as Single-Packet Attack, Scanning Attack and Flood Attack.

Single-packet attack is also called malformed packet attack because many single-packet attacks use defective IP packets, such as overlapping IP fragments and packets with illegal TCP flags.
A single-packet attack occurs when:
• An attacker sends defective IP packets to a target, causing the target system to malfunction or crash.
• An attacker sends large quantities of junk packets to the network, using up the network bandwidth.
Single-Packet Attack has multipe types and below list are Single-Packet Attack types those can be found in real world.
Smurf attack
ICMP redirect attack
ICMP unreachable attack
Large ICMP attack
TCP flag attack
Tracert attack
Fraggle attack
WinNuke attack
Land attack
Source route attack
Route record attack

Scanning Attack is actually an attacker uses some scanning tools (like nmap,nessua, satan,ettercap) to scan host addresses and ports in a network, so as to find
possible targets and the services enabled on the targets and figure out the network topology, preparing
for further attacks to the target hosts. This type has two type, Active and Passive Scanning.
Below is type of Scan Attack which can be face in real world.
Scan attack

Flood attack is an attacker sends a large number of forged requests to the targets in a short time, so that the target
system is too busy to provide services for legal users, resulting in denial of services.
Below attack are the attack-types those you might challenge in real world.
ICMP flood attack
UDP flood attack
SYN flood attack

Well. I believe that you know about what is network attack type and how is their mission on their target briefly.

In fact, talking about network attack is very wide and never ending story I believe.
I write this post as intro to write another post which going to explain how to configure IPS function on HP MSR Router to prevent such attack.
OK. See you at the next post on configuring IPS function on HP MSR Router to prevent network attacks.

Have a good day.
(Be knowledgeable, pass it on then)


Comments

  1. We sell original Herbal Products composed of Natural Herbs Clinic obtained from the world’s top botanic gardens under the cautious administration of experts who are working day and night to make the herbal products even better and to increase the range so that people suffering from certain ailments which do not have any identified care as yet can benefit from our formulas.

    ReplyDelete

Post a Comment

Popular posts from this blog

Link Aggregating with Synology NAS and Cisco Switch

I’d like to share how to setup Link Aggregating between Synology NAS and Cisco Switch. I’ve got one Synology NAS with 4 Network Ports and I’m going to use 2 of them. Both Network Port to be as one Logical Link, Fault Tolerance and Load Balancing. To do that, I need to configure Link Aggregating on Synology NAS and EtherChannel with LACP on Cisco Switch. Below is brief steps to do to meet with my requirements. - Get connected Synology NAS and Cisco Switch as shown in picture. - Bonding two Network Ports of Synology NAS and assign IP Address - Configure EtherChannel with LACP in Cisco Switch and add two physical ports as Member. OK. Let’s begin from Synology NAS. - Login to the Synology and go to Control Panel>Network>Create>Create Bond - Select IEEE 802.3ad to get Fault Tolerance and Load Balancing Featureyou’re your switch not support 802.3ad you can only select Fault Tolerance only feature). After that click “Next”. - Choose the network port f

How to check the vpn user list and session in Cisco ASA 5520?

You've deployed Cisco ASA Firewall and setup Local AAA Server to create useraccount for IPSec VPN usage. As a network administrator, you've responsibility to check and monitor the list of vpn user and active session for security and audit purpose. You can use ASDM GUI to do such task but its handy to do. So, it is better to user CLI for that. Below are some useful commands to check user list and active vpn user sessions. To check user list, use below commands - show run | grep username - show aaa local user To check active vpn user list and sessions, use below commands - show vpn-sessiondb remote | grep Username (This command result will let you know how many user are active) - show vpn-sessiondb remote filter name username (This filter command will let you know details of vpn session user by inserting active vpn username in "username" ) Yes. That's all. Here I show you with Cisco ASA 5520 and its software version is 8.2 (5). May

PAN OS API Key problem after upgrade from 7 to 8

When you use External Block List for Malicious IP with your PaloAlto, you need API Key for your server to refresh the list whenever you update the content. The API key syntax for PAN OS 7 and 8 is different and it will take your time after you upgrade PAN OS. So here is the solution what I've tested. Syntax for 7 is https://<firewall IP>/api/?type=op&cmd=<request><system><external-list><refresh><name>Type your EBL Name Here</name></refresh></external-list></system></request>&key="API Key" Syntax for 8 is https://<firewall ip>/api/?type=op&cmd=<request><system><external-list><refresh><type><ip> <name>Type your EBL Name Here</name></ip> </type></refresh></external-list></system></request>&key="API Key" Have fun with PAN OS. Thanks. Have a good da