Types of Network Attacks
There are three major categories of network attacks:
■ Reconnaissance attacks—In reconnaissance attacks, the intruder
attempts to gain information about a network, typically in preparation
for a more aggressive attack later. Methods used in reconnaissance
attacks include ping sweeps, installation of packet sniffers to gather
passwords and other sensitive information, port scans to discover
vulnerable services, and Internet information queries (Domain Name
System [DNS] records, Internet Assigned Numbers Authority [IANA]
records, search engine queries, and so on).
■ Access attacks—In access attacks, the intruder attempts to gain unauthorized
access to a network. Methods used in access attacks include
password cracking or guessing, trust exploitation, port redirection,
man-in-the-middle (MitM) attacks, buffer overflows, and attacks
against network applications
■ Denial-of-service (DoS) attacks—In DoS attacks, the attacker tries to
deny legitimate users access to a network resource. This might involve
destruction of a compromised network system (such as erasing hard
drives or operating system files) or just flooding the resource with
more traffic than it can process. A DoS attack that is launched from a
large number of hosts simultaneously is called a distributed DoS
(DDoS) attack. These types of attacks are usually the most difficult to
mitigate.