Attacks
There are three different types of attacks, which are named based on the attacker’s intent:
■ Reconnaissance attack—Designed to gain information about a specific target network or
resource. Typical types of reconnaissance attacks include the following:
— DNS query—Checks the DNS to see what address space is registered to a
specific organization
— Ping sweep—Directs ICMP packets at specific host addresses on a
network, enabling the attacker to determine what addresses are being used
based on the replies received
— Vertical scan—Directs a scan against all the service ports of a specific host
to determine which services are running on that host
— Horizontal scan—Directs a scan for a single service port against a range of
network addresses
— Block scan—Directs a scan for multiple service ports against a range of
network addresses
■ Access attack—Designed to gain access to a network or resource. There are three main
goals of an access attack:
— Interception—Retrieve, alter, or destroy data
— Modification—Add, move, or change network resources, including user
access
— Fabrication—Install exploits that can be used later to gain access to the
network or resource
■ DoS attack—Designed to deny authorized access to the target network or resource