Active Attacks: An Active attack attempts to alter system resources or effect their operations. Active attacks involve some modification of the data stream or creation of false statement.
Passive Attacks: A Passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive Attacks are in the nature of eavesdropping on or monitoring of transmission. The goal of the opponent is to obtain information is being transmitted.
Common types of cyber attacks:
Malware: Malware is a term used to describe malicious software, including spyware, ransom ware, viruses, and worms. Malware breaches a network through vulnerability, typically when a user clicks a dangerous link or e-mail attachment that then installs risky software.
Phishing: Phishing is the practice of sending fraudulent communications that appear to come from a reputable source, usually through e-mail. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing is an increasingly common cyber threat.
Man-in-the-middle Attack: Man-in-the-middle (MitM) attacks, also known as eaves dropping attacks, occur when attackers insert themselves intola two-party Transaction. Once the attackers interrupt the traffic, they can filter and steal data
Denial-of-service attack!: A denial-of-service attack foods systems. servers, on networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple compromised devices to launch this attack This is known as a distributed-denial-of-service (DDoS) attack.
SQL Injection: A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL and forces the server to reveal information it normally would not. An attacker could carry out a SQL injection simply by submitting malicious code into a vulnerable website search box.
Zero-day Exploit: A zero-day exploit hits after a network vulnerability is announced but before a patch or solution is implemented. Attackers target the disclosed vulnerability during this window of time. Zero-day vulnerability thrheit detection requires constant awareness.
DNS Tunneling: DNS tunneling utilizes the DNS protocol to communicate non-DNS traffic over port 53. It sends HTTP and other protocol traffic over DNS. There are various, legitimate reasons to utilize DNS tunneling.
However, there are also malicious reasons to use DNS Tunneling VPN services. They can be used to disguise outbound traffic as DNS, concealing data that is typically shared through an internet connection. For malicious use,DNS requests are manipulated to exfiltrate data from a compromised system to the attacker’s infrastructure. It can also be used for command and control call backs from the attacker’s infrastructure to a compromised system.
Subcribe on Youtube - IGNOU SERVICE
For PDF copy of Solved Assignment
WhatsApp Us - 9113311883(Paid)
0 Comments
Please do not enter any Spam link in the comment box