Cross-Site Scripting Attacker inserts malicious code into an application, when regular users request the webpage it returns the malicious page and the attacker gains control over user data via code he injects.
Safely validating untrusted HTML input
Cookie security
Disabling scripts
A dictionary attack is a brute-force technique where attackers run through common words and phrases, such as those from a dictionary, to guess passwords. It is also known as dictionary password attack.
Most people use real words as passwords.
Trying all dictionary words and makes the attack much faster.
Hackers and spammers attempt to log in to a computer system by trying all possible passwords until the correct one is found.
Countermeasures
Lockout a user after X no of failed login attempts
Not using Dictionary words as passwords
A Fraggle attack is exactly the same as a smurf attack, except that it uses the user datagram protocol, or UDP, rather than the more common transmission control protocol, or TCP. Fraggle attacks, like smurf attacks, are starting to become outdated and are commonly stopped by most firewalls or routers.
The attacker sends UDP packets to the random ports of the victim host. The victim will check for application listening on the port and reply with the "ICMP destination unreachable" packet.
The attacker can spoof the IP address of the UDP packets so that no one can trace it back.
Countermeasures
Close all unused ports.
A smurf attack is a form of a distributed denial-of-service attack that renders computer networks inoperable
The Smurf program accomplishes this by exploiting vulnerabilities of the Internet Protocol (IP) and Internet Control Message Protocols (ICMP).
Huge numbers of ICMP requests are sent to the victim's IP address.
The source and destination IP address is spoofed. The hosts on the victim's network respond to the ICMP requests.
This creates a significant amount of traffic on the victim’s network, resulting in the consumption of bandwidth and ultimately causing the victim’s server to crash.
Countermeasures
Configure individual hosts and routers to not respond to ICMP requests or broadcasts; or
Configure routers to not forward packets directed to broadcast addresses.
A brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly.
The attacker systematically checks all possible passwords and passphrases until the correct one is found.
When password guessing, this method is very fast when used to check all short passwords.
There is a computer program run automatically to get the password.
The most basic brute force attack is a dictionary attack, where the attacker works through a dictionary of possible passwords and tries them all.
• Account Lockout - You Have Implemented Account Lockout With A Clipping Level Of 4
• Strong Passwords - A strong password must be at least 12 characters long and should consist of a random collection of uppercase and lowercase letters, numbers, and special characters.
• Implement Captcha - It is used to differentiate between real users and automated users, such as bots.
It is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
• Digital Signature - A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents.
• Mutual authentication - Mutual authentication, also known as two-way authentication, is a security process in which entities authenticate each other before actual communication occurs.
There is two kinds of attacks.
An active attack is network exploitation in which a hacker attempts to make changes to data on the target or data en route to the target.
A cyber attack is an attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset. Without proper security measures and controls in place, our data might be subjected to an attack.
Some attacks are passive, meaning information is monitored; others are active, meaning the information is altered with intent to corrupt or destroy the data or the network itself.
The attack is not only from the side of external individuals but, it is also from internal sources.
