Attackers have various reasons for initiating an attack. Your goal ist to keep the people in your network safe. No matter the motive of the attacker.
Possible reasons for an attack could be:
- For fun aka. White(ish) Hat
- To steal/damage aka. Black Hat
- to make a political statement aka. Grey Hat
Now lets take a closer loot at the types of attack.
(Distributed) Denial-of-Service attacks prevent access to resources to users authorized to use them.
Imagine your servers are so busy responding to false requests, that they haven’t enough ressources to respond to the legitimate requests. May it be for bandwith or physical problems.
Usually the attack will result in one of the following:
- Denying access to information
- Bring down a host/website
- Crash the OS
- Use the full bandwith of an organisations communication
- Open as many TCP- Sessions as possible
Spoofing attack is a term used for different attacks that all share a similar trait: Masquerade.
Spoofing attacks are typically IP Spoofing, Arp Spoofing and DNS Spoofing.
The goal of IP Spoofing is to make it look like the data came from a trusted host, or to “hide the location” of an attacker.
With ARP Spoofing an attacker makes it look like the data came from a network/machine that it did not.
To route traffic, mail or any other data that uses a DNS to resolve a hostname, an attacker may use DNS Spoofing.
Using DNS Spoofing/ DNS Poisoning an attacker could reroute users to a maliscious copy of a banking website, wait untill users typed in the credentials and submitted them and collect them.
To crack hashed password, an attacker might use a password cracker with one of the following methods:
- Brute Force
- Rainbow Table
An explanation of all the different methods can be found here.