Sunday, February 12, 2012

Types of Computer Attacks

Now a day’s without security measures and controls in place, your data might be subjected to an attack. There are main types of computer attacks are passive attacks and active attacks.
In case of passive attacks, data transaction on the computer is monitored and later utilized for malicious interests and in case of active attacks, the information is altered with intent to corrupt or destroy the data or the network itself.
Active Types of Computer Attacks
Virus:
Most common and famous computer attacks are viruses which attempts to install itself on a user's system and to spread directly to other files on that system with the aim that these infected files will be transferred to another machine.
A virus relies on users to spread by sharing infected files either directly or via email. Once launched, a virus is completely independent of its creator.
Worm:
A worm is very similar to a virus. The main difference between virus and worm is that worms infect the system without any kind of assistance from the user.  It typically scans other computers for vulnerabilities which it is designed to exploit. When such a machine is identified, the worm will attack that machine, copying over its files and installing itself, so that the process can continue.
Trojan:
A Trojan virus is a dangerous program that masquerades as a legitimate program and thus bypasses your security program’s reach. It mostly comes embedded into freeware like weather forecast software and tray clocks etc.
Root Kit: 

Hackers gain access into the system with the use of root kit drivers and take full charge of the computer. A root kit is a piece of software that once installed on a victim's machine opens up a port to allow a hacker to communicate with it and take full control of the system. Root kits are also known as back doors. Some root kits give a hacker even more control of a machine than a victim may have themselves.
Hybrids:
Often malware is a dangerous hybrid that can combine the features of the different classifications described above. The SubSeven root kit is delivered and classified as a trojan.
Passive Types of Computer Attacks
Eavesdropping:
In this case, hackers will sneakily listen to the conversation happening between two computers on the network. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network. 
Data Modification:
When a hacker has read your data, then next step is to change it. And hackers can modify the data without the knowledge of the sender or receiver. Even if you do not require confidentiality for all communications, you do not want any of your messages to be modified in transit. For example, if you are exchanging purchase requisitions, you do not want the items, amounts, or billing information to be modified. 
Identity Spoofing (IP Address Spoofing):
Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed— identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet.
After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data. The attacker can also conduct other types of attacks, as described in the following sections. 
Password-Based Attacks:
Password based attacks are common types of attacks. Here the hackers can easily access to the computer and network resources by gaining password control. And the attackers can easily change server and network configuration and can delete the data .data can also be passed onto different networks.
Denial-of-Service Attack:
This type of computer crime makes your system and network useless and the attacker may not necessarily gain access to the network, but will ensure that the user is not able to use the system.
After gaining access to your network, the attacker can do any computer crime like…
Send invalid data to applications or network services
Make computer or the entire network with traffic until a shutdown occurs because of the overload.
Block traffic, which result in a loss of access to network resources by authorized users.
hacked computer

Man-in-the-Middle Attack:
As the name indicates, a man-in-the-middle attack occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently. For example, the attacker can re-route a data exchange. When computers are communicating at low levels of the network layer, the computers might not be able to determine with whom they are exchanging data. 
Compromised-Key Attack:
A key is basically used to store sensitive data, a secret code or number. Hackers can easily attack on the key and can access the key information and the secure data. After an attacker obtains a key, that key is referred to as a compromised key. 
Sniffer Attack:
A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.
Using a sniffer, an attacker can analyze your network and gain information to eventually cause your network to crash or to become corrupted. And read your communication 
Application-Layer Attack:
An application-layer attack targets application servers by deliberately causing a fault in a server's operating system or applications. This results in the attacker gaining the ability to bypass normal access controls. The attacker takes advantage of this situation, gaining control of your application, system, or network, and read, add delete or modify your data or operating system.

Note: If you are getting virus problem from your computer  then you can reach online technical support service desk of V tech-squad at their Toll Free No +1-877-452-9201 .

No comments:

Post a Comment