Kamis, 16 April 2015

21.48
The way how a hacker to penetrate or infiltrate and destroy a site is as follows :

1. IP Spoofing
IP spoofing is also known as the Source Address Spoofing, namely forgery attacker's IP address so the IP address of the attacker considers the target is the IP address of the host in the network rather than from outside the network. Suppose the attacker has a type A 66.25.xx.xx IP address when the attackers do this type of attack the network that attacked the attacker will assume the IP is part of networknya 192.xx.xx.xx eg, IP type C.

IP Spoofing terjadi ketika seorang attacker  packet routing untuk mengubah arah dari data atau transmisi ke tujuan yang berbeda. Packet untuk routing biasanya di transmisikan secara transparan dan jelas sehingga membuat attacker dengan mudah untuk memodifikasi asal data ataupun tujuan dari data. Teknik ini bukan hanya dipakai oleh attacker tetapi juga dipakai oleh para security profesional untuk men tracing identitas dari para attacker

2. Attack FTP
One of the attacks carried out against the File Transfer Protocol is a buffer overflow attack caused by malformed command. The purpose of this attack the FTP server the average is to get a command shell or to perform Denial of Service. Denial Of Service attacks may eventually lead to a user or attacker to retrieve the resource in the network without authorization, while the command shell can make an attacker gain access to the server system and data files that eventually an anonymous attacker could create a root-acces who have the right full against a system even the network being attacked.

3. Finger Unix Exploits.
In the early days of Internet, Unix OS finger utility efficiently used to download information sharing among users. Due to demand information on the information this finger does not blame the rules, many system administrators leave this utility (finger) with a very minimal security, even with no security at all. For an attacker is invaluable utility for information on footprinting, including login names and contact information.

This utility also provides excellent information about user activity within the system, how long a user is in the system and how much users care system. Information generated from this finger can minimize Kracker efforts in penetrating a system. Personal information about users who raised the finger daemon is already enough for a atacker to do social engineering by using social skillnya to utilize the user to "tell" your passwords and access codes to the system.

4. Flooding & Broadcasting.
An attacker can reduce the speed of networks and hosts that are in it significantly by continuing to perform request / demand for an information from servers that can handle the classic attacks Denial of Service (DoS), send a request to a port called excessive flooding, sometimes this is also called spraying. The purpose of this second attack is the same that make network resource that provides information becomes weak and finally gave up.

Flooding Attacks by way depends on two factors: the size and / or volume (size and / or volume). An attacker can cause Denial Of Service by throwing large capacity files or large volumes of small packets to a system. In such circumstances the network server will face congestion: too much information requested and not enough power to push the data to run. Basically a large package which requires greater processing capacity, but it is not normal and the same small package in a large volume of resources will be spent in vain, and the resulting congestion

5. Fragmented Packet Attacks

Internet data is transmitted via TCP / IP can be further divided into packages that contain only the first packet whose contents form a major part of information (header / head) of TCP. Some firewalls will allow to process part of the packages do not contain information on the packet source address first, this will result in some type of system to crash. For example, the NT server will be a crash if the packets are broken up (fragmented packet) enough information to rewrite the first packet of a protocol

6. E-mail Exploits.
Peng-exploitasian e-mails occurred in five forms namely: Floods mail, manipulation commands (command manipulation), the attack rate of transport (transport-level attack), enter the various codes (inserting malicious code) and social engineering (utilizing socialization physically). E-mail attack could cause the system to crash, open and execute even rewriting applications or files also make access to command functions (command function).

7. DNS and BIND Vulnerabilities.
Recent news about the vulnerability (vulnerabilities) on the application Berkeley Internet Name Domain (BIND) in various versions illustrate the fragility of the Domain Name System (DNS), which is a crisis that is directed at the basic operation of the Internet (basic Internet operation).

8. Password Attacks.
Password is a common thing when we talk about security. Sometimes a user does not care about the pin number they have, such as online transaction in the cafe, even transact online at home was extremely dangerous if not equipped with security software such as SSL and PGP. Password security is one procedure that is very difficult to attack, an attacker may have many tools (technically or in social life) only to open something that is protected by a password.

9. Proxy Server Attacks.
One function of proxy servers is to speed up response time by bringing together processes from multiple hosts in a trusted network.

10. Remote Command Processing Attacks
Trusted Relationship between two or more host facilities provide information exchange and resource sharing. Similar to a proxy server, trusted relationships give all members equal access to power networks at one and the other system (the network).

11. Remote File System Attack.
The protocols for data transport (backbone of the Internet) is the level of TCP (TCP level) with a mechanism that has the ability to read / write (read / write) between the network and host. Attacker can easily get trace information from this mechanism to gain access to the directory file.

12. Selective Program Insertions
Selective Program Insertions are done when the attacker attacks put destroyer programs, such as viruses, worms and trojans (maybe the term is already familiar to you?) On the target system. Destroyer programs are often also called malware. These programs have the ability to damage the system, file destruction, theft of passwords to open up a backdoor.

13. Port Scanning.
Through port scanning an attacker could see the functions and how to survive a system from a variety of ports. A atacker can get access to the system through an unprotected port. example, scanning can be used to determine where the default SNMP strings in the open to the public, which means information can be extracted for use in remote command attack.

14. TCP / IP Sequence stealing, Passive Listening Port and Packet.
Interception TCP / IP Sequence stealing, Passive Listening Port and Packet Interception walk to collect sensitive information to access the network. Unlike active attack or brute-force attacks that use this method to have more stealth-like qualities.

15. HTTPD Attacks.
Vulnerabilities contained in HTTPD webserver or there are five kinds: buffer overflows, bypasses httpd, cross scripting, web code vulnerabilities, and the URL Floods.


sumber : http://www.i-dus.com/

0 komentar:

Posting Komentar