Thursday, 26 April 2012

Common Networking Attacks Threats and Solution

A network attack or security incident is defined as a threat, intrusion, denial of service or other attack on a network infrastructure that will analyze your network and gain information to eventually cause your network to crash or to become corrupted. In many cases, the attacker might not only be interested in exploiting software applications, but also try to obtain unauthorized access to network devices.



There are at least seven types of network attacks.
  1. Spoofing.
  2. Sniffing.
  3. Mapping.
  4. Hijacking.
  5. Trojans.
  6. DoS and DDoS.
  7. Social engineering.
Spoofing:
Any Internet-connected device necessarily sends IP datagrams into the network. These data packets carry the sender's IP address as well as application-layer data. If an attacker obtains control over the software running on a network device, they can easily modify the device's protocols to place an arbitrary IP address into the packet's source address field. This is known as IP spoofing, which makes any payload appear to come from any source.

Sniffing:
Packet sniffing is the interception of data packets traversing a network. A sniffer program works at the Ethernet layer in combination with network interface cards (NICs) to capture all traffic traveling to and from an Internet host. Sniffing can be detected in two ways:
  1. Host-based: Software commands exist that can be run on individual host machines to tell if the NIC is running in promiscuous mode.
  2. Network-based: Solutions tend to check for the presence of running processes and log files, both of which sniffer programs use heavily. However, sophisticated intruders almost always hide their tracks by disguising the process and cleaning up the log files.
The best countermeasure against sniffing is end-to-end or user-to-user encryption.

Mapping:
Before attacking a network, attackers would like to know the IP addresses of machines on the network, the operating systems they use, and the services that they offer. With this information, their attacks can be more focused and are less likely to cause alarm. The process of gathering this information is known as mapping.
Hijacking: 
Hijacking occurs when someone between you and the person with whom you are communicating is actively monitoring, capturing, and controlling your communication transparently.
Trojan:
These are programs that look like ordinary software, but actually perform unintended or malicious actions behind the scenes when launched. Most remote control spyware programs are of this type. The number of trojan techniques is limited only by the attacker's imagination. A trojanized file will look, operate, and appear to be the same size as the compromised system file.
DoS and DDoS:
A denial of service attack is a special kind of Internet attack aimed at large websites. It is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Denial of Service can result when a system, such as a Web server, has been flooded with illegitimate requests, thus making it impossible to respond to real requests or tasks.
Social engineering:
Social engineering is the use of persuasion or deception to gain access to information systems. The medium is usually a telephone or e-mail message. The attacker usually pretends to be a director or manager in the company traveling on business with a deadline to get some important data left on their network drive. 




References:
http://ayurveda.hubpages.com/hub/Types-of-Network-Attacks

1 comment:

  1. Hi there, I have read both of your posts and found it quite informative, however, it seems that it's kinda brief as you only have plain explanation. Is it possible that you could show some examples, for example, the SOPA/PIPA act where DDoS took place, where the hacking group Anonymous attacked the U.S. federal sites, and while we're at it, could you kindly explain to me what is the difference between DoS and DDoS?
    And as for your security policy post, it is truly useful as it shows the steps to ensure network security and also enforcing the security policy, which is able to act as a guideline to organizations who are planning a security policy. Thanks for sharing your post and I enjoy reading it.

    P.S. Jeremy Here
