Types of attack on website and server

Ip address spoofing atteck

IP address spoofing is a type of attack when an attacker assumes the source Internet Protocol (IP) address of IP packets to make it appear as though the packet is coming from another valid IP address. In IP address spoofing, IP packets are generated with fake source IP addresses in order to impersonate other systems or to protect the identity of the sender.

To explain this clearly, in IP address spoofing, the IP address information placed on the source field of the IP header is not the real IP address of the source computer, where the packet was originated. By changing the source IP address, the actual sender can make it look like the packet was sent by another computer and therefore the response from the target computer will be sent to the fake address specified in the packet and the identity of tha attacker is also protected.

Packet filtering is a method to prevent IP spoofing attacks. Blocking of packets from outside the network with a source address inside the network (ingress filtering) and blocking of packets from inside the network with a source address outside the network (egress filtering) can help preventing IP spoofing attacks.

Dns spoofing atteck

DNS is the short for Domain Name System. DNS is a required service in TCP/IP networks and it translates domain names into IP addresses. Computers in the network communicate using IP address. IP addresses are a 32 bit numbers which are difficult to remember. Domain names are alphabetic and for humans they are easier to remember. When we use a domain name to communicate with another host, DNS service must translate the name into the corresponding IP address.

I hope you have DNS Servers keep a database of domain names and corresponding IP addresses. DNS Spoofing attacks are made by changing a domain name entry of a legitimate server in the DNS server to point to some IP other than it, and then hijacking the identity of the server.

Generally there are two types of DNS poisoning attacks; DNS cache poisoning and DNS ID Spoofing.

In DNS cache poisoning a DNS server is made to cache entries which are not originated from authoritative Domain Name System (DNS) sources. IN DNS ID spoofing, an attacker hack the random identification number in DNS request and reply a fake IP address using the hacked identification number.

Phising and pharming

Phishing spoofing attack is a combination of e-mail spoofing and Web site spoofing attack. Phishing attacker starts the phishing attack by sending bulk e-mails impersonating a web site they have spoofed. Normally the phishing attack emails seems to be from legitimate financial organizations like banks, alerting the user that they need to login to their account for one reason or another.The link also will be provided in the email which is a fake web site, which is designed very similar to the bank web site. Normally the link’s anchor text will be the real URL of the bank’s website but anchor will be a URL with IP address of the web si te which is in attacker’s control. Once the user enters the userid/password combination and submits those values, the attacker collect those values and the  web page is redirected to the real site.

Back door atteck

A backdoor in an Operating System or a complex application is a method of bypassing normal authentication and gain access. During the development of an Operating System or application, programmers add back doors for different purposes. The backdoors are removed when the product is ready for shipping or production. When a backdoor is detected, which is not removed, the vendor releases a maintenance upgrade or patch to close the back door.

Another type of back door can be an installed program or could be a modification to an existing program. The installed program may allow a user log on to the computer without a password with administrative privileges. Many programs are available on internet to create back door attacks on systems.

One thought on “Types of attack on website and server

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: