Tuesday, 24 March 2015

What is a Fraggle Attack?

 

A Fraggle attack is exactly the same as a smurf attack, except that it uses the User Datagram Protocol (UDP) rather than the more common Transmission Control Protocol (TCP). Fraggle attacks, like smurf attacks, are becoming outdated and are stopped by most firewalls or routers.

The attacker sends UDP packets to random ports on the victim host. The victim checks for an application listening on each port and replies with an "ICMP destination unreachable" packet.

The attacker can spoof the IP address of the UDP packets so that no one can trace them back.

Countermeasures

Close all unused ports.


Saturday, 14 March 2015

What is a Smurf Attack?

 


A smurf attack is a form of distributed denial-of-service attack that renders computer networks inoperable.

The Smurf program accomplishes this by exploiting vulnerabilities of the Internet Protocol (IP) and the Internet Control Message Protocol (ICMP).

Huge numbers of ICMP requests are sent to the victim's IP address.

The source and destination IP addresses are spoofed. The hosts on the victim's network respond to the ICMP requests.

This creates a significant amount of traffic on the victim’s network, resulting in the consumption of bandwidth and ultimately causing the victim’s server to crash.

Countermeasures

Configure individual hosts and routers to not respond to ICMP requests or broadcasts; or

Configure routers to not forward packets directed to broadcast addresses.

Friday, 6 March 2015

What is a Brute Force Attack?

Brute Force Attack

A brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly.

The attacker systematically checks all possible passwords and passphrases until the correct one is found.

When guessing passwords, this method is very fast for checking all short passwords.

A computer program is run automatically to find the password.

The most basic brute force attack is a dictionary attack, where the attacker works through a dictionary of possible passwords and tries them all.

Countermeasures

• Account Lockout - Implement account lockout with a clipping level of 4.

• Strong Passwords - A strong password must be at least 12 characters long and should consist of a random collection of uppercase and lowercase letters, numbers, and special characters.

• Implement Captcha - It is used to differentiate between real users and automated users, such as bots.
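The first two countermeasures can be enforced in code. The sketch below is an added example, not code from the original post: it applies the 12-character strength rule at registration and locks an account after 4 consecutive failed logins. The 15-minute lockout, the PBKDF2 iteration count, and the names `LoginGuard`, `is_strong` and `hash_password` are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string
import time

CLIPPING_LEVEL = 4      # failed attempts tolerated before lockout (from the post)
LOCKOUT_SECONDS = 900   # assumption: 15-minute lockout, not stated in the post
MIN_LENGTH = 12         # minimum password length (from the post)

def is_strong(password):
    """Post's rule: at least 12 chars with upper, lower, digit and special."""
    classes = (string.ascii_uppercase, string.ascii_lowercase,
               string.digits, string.punctuation)
    return len(password) >= MIN_LENGTH and all(
        any(ch in cls for ch in password) for cls in classes)

def hash_password(password, salt):
    # Assumption: PBKDF2 with 100,000 rounds, so each offline guess is costly.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class LoginGuard:
    """In-memory account store that locks out after CLIPPING_LEVEL failures."""
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._accounts = {}      # user -> (salt, password hash)
        self._failures = {}      # user -> consecutive failed attempts
        self._locked_until = {}  # user -> time at which the lockout expires

    def register(self, user, password):
        if not is_strong(password):
            raise ValueError("password does not meet the strength policy")
        salt = os.urandom(16)
        self._accounts[user] = (salt, hash_password(password, salt))

    def login(self, user, password):
        """Return 'ok', 'denied' or 'locked'."""
        now = self._clock()
        if self._locked_until.get(user, 0) > now:
            return "locked"      # rejected without checking the password
        # Unknown users take the same path, so timing does not reveal them.
        salt, stored = self._accounts.get(user, (b"\0" * 16, b""))
        if hmac.compare_digest(hash_password(password, salt), stored):
            self._failures.pop(user, None)   # success resets the counter
            return "ok"
        self._failures[user] = self._failures.get(user, 0) + 1
        if self._failures[user] >= CLIPPING_LEVEL:
            self._locked_until[user] = now + LOCKOUT_SECONDS
            self._failures[user] = 0
        return "denied"
```

Once the account is locked, even the correct password is refused until the lockout expires, which is what stops an automated guessing program from simply continuing.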

