What is sniffing?

Wiretapping is a process of monitoring the telephone and internet conversations by a third party attackers connect a hardware or software or combination of both to the switch carrying information between two phones or hosts on the internet.
Image result for sniffing

Types of wire taping

1. Active wire taping: It only monitors, records the traffic (silently) and also alters the traffic.

2. Passive wire taping: It only monitors and records the traffic.

Sniffing attacks are vulnerable to following protocols.

1. Telnet

2. FTP

3.SMTP

4. HTTP

5. POP3

6. NTP

7. IMAP

8. SNMP

9. RDP

In network sniffing attacks are mostly done on data link layer and network layer of OSI reference model based switches

Recommended sniffing tool is Wireshark. 

Wireshark is available for both windows and Linux, it is the best tool for sniffing and it's absolutely free.


You can download Wireshark from their official site Wireshark download.

Session Hijacking


1. HTTP Cookie: It is a small piece of data sent from a website and stored in the user's web browser while the user is browsing it.
Every time the user loads the website. a browser sends a cookie back to the server to notify the user's previous activity.

This is how Facebook tracks your behavior on the internet and according to that, the ads are shown on your wall.

2. Session ID: A session ID is a unique number that a website server assigns a specific user for the duration of that users to visit or session.

The session ID can be stored as a cookie, form feed or URL. Some web servers generate session ids by simply incrementing static members. Every time an internet user visits a specific website, a new session id's assigned. Closing a browser and then re-opening and visiting the site again generates a new session ID. However, the same session ID is sometimes maintained as long as the browser is open in some cases web servers terminate a session and assigns a new session ID after a few minutes of inactivity.

Session Hijacking

It is when a hacker takes control of a user session after the user has successfully authenticated with a server, session hijacking involves an attack identifying the current session ids of a client or server communication and taking over the client's session. Session hijacking is made possible by tools that perform sequence number prediction.

What is Social Engineering?

Social engineering is a non-technical method of breaking into a system or network it is the process of deceiving. Users of a system and convincing them to perform acts useful to the hacker such as giving out information that can be used to defeat or bypass security mechanisms.
Social Engineering is important to understand because hackers can use it to attack a human element of a system and circumvent technical security measures. This method can be used to gather information before or during an attack.

Social engineering is divided into 3 methods.

1. Phishing: The practices of sending emails appearing to be from reputable sources with the goal of influencing or aiming personal information.

2. Vishing: The practice of extracting information or attempting to influence action via the telephone.

3. Impersonation: The practice of pretexting as another person with the goal of obtaining information or access to a person, company or computer system.

Social Engineering Countermeasures in a corporate environment

1. Train employees and helpdesk to never reveal passwords or other information by phone.

2. Implement script bad from a token or biometric authentication, employee training and security guards.

3. Employee trainee, best practices, and checklist for using passwords and escort all guests from shoulder surfing based attacks.

4. Lock and monitor mail room from theft, damage or forging of mail based attacks.

5. Keep the phone closed, server rooms locked at all times and keep updated inventory on equipment
for attacks like attempting to gain access, remove equipment and attach a protocol analyzer to grab the confidential data.

What is DOS attack?

DOS ( Denial of Service) is an attack on a computer or network that prevents the genuine use of its resources. In a DoS attack attackers flood a victim's system or network with an illegal service request or traffic to overload its resources which prevent it from performing intended tasks.

DDoS (Distributed Denial of Service) attack

A DDoS attack involves a multitude of compromise systems attacking a single target thereby causing DoS for users of the target system. To launch a DDoS attack an attacker uses BOTnets which are created using "RAT" and attacks a single system.

Types Of DoS and DDoS attacks



Bandwidth attacks

Service Request Floods

Buffer overflow

Protocol based attacks

HTTP flood attack

SYN flood attack

UDP flood attack

TCP flood attack

DoS and DDoS attacks Countermeasures


Configure the firewall to deny external ICMP traffic access.

Secure the remote administration and perform connectivity testing.

Disable unused and insecure services.

Update OS kernel to the latest release.

Prevent the transmission of the fraudulently addressed packets at ISP level.

Use a better network card to handle a large number of packets.

Deploy honeypot in the network to capture the signatures of DDoS attacks and apply intrusion prevention system to stop the attack.

Comments

Post a Comment

Popular posts from this blog

Managing Output with Manipulators in C++

Well, when I started studying C++ or you can say when I was forced to study CPP I was like already I have Maths, Physics and Chemistry to study so why this shitty extra burden on my shoulders. But that subject which I was forced to study or having no other option instead of studying CPP became my passion now. Anyways that's a hell of a story! So, this piece of reading will give you an explanation about what are manipulators and how they are implemented in CPP. Manipulators By the name you might have already thought that this is going to be something related to manipulation of something. Well, you are on a right track So, you already got an idea what it is about I would like to make it clear that what is that "something". That something is nothing but Input and Output operations. Well, in this post we will be focusing mainly on Managing Output with Manipulators. Lets, start the boring thing! The header file iomanip provides a set of functions call
Read more

Creating a bootable USB.

A lot of people just asks me how to create a bootable USB easily. The funny part is that they mainly ask how to make it for Linux, I mean bro, if you don't know even how to make a bootable USB then you better should stick with windows OS, because it suits you better, but for the people who are reading this article for creating bootable USB, guys, first of all, I will tell you the simplest method. Don’t expect from me to explain to you how to make it using the command prompt. So, all you need is one software of 1 MB, your ISO file, a computer and yeah USB. So, just download the software Rufus from their official site(first link after typing Rufus on Google). Then make sure your ISO image file is downloaded. Now run the Rufus.exe file and then select the USB disk, from the first 'disk' option then in the bottom right of the application there will be a mall option.  Looking like a CD mounted on HDD. Click on that and select the ISO image file. A
Read more