Hello. Let's explain "TCP/IP & UDP Attacks", the most common and effective web attacks. Let's go over the basics and the types.
TCP operates using synchronized connections. The synchronization
is vulnerable to attack; this is probably the most common attack used
today. The synchronization, or handshake, process initiates a TCP
connection. This handshake is particularly vulnerable to a DoS attack
referred to as the TCP SYN Flood attack. The process is also susceptible
to access and modification attacks, which are briefly explained in the
following sections.
TCP SYN or TCP ACK Flood Attack: This
attack is very common. The purpose of this attack is to deny service.
The attack begins as a normal TCP connection: the client and the server
exchange information in TCP packets. The TCP client continues to send
ACK packets to the server; these ACK packets tell the server that a
connection is requested. The server thus responds to the client with an
ACK packet, and the client is supposed to respond with another packet
accepting the connection to establish the session. In this attack the
client continually sends and receives the ACK packets but does not
open the session. The server holds these sessions open, awaiting the
final packet in the sequence. This causes the server to fill up the
available connections and deny access to any requesting clients.
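
On a Linux server, the held-open sessions described above show up as sockets in the SYN_RECV state. The following is an added example, not part of the original post: it counts those sockets per local port from text in the /proc/net/tcp layout and reports ports that reach an alert threshold. The sample table, the function names and the threshold are assumptions made for illustration, and only IPv4 is handled.

```python
import socket
import struct
from collections import Counter

SYN_RECV = 0x03  # kernel state code: SYN received, final ACK still missing

# Constructed sample in /proc/net/tcp layout (header plus first columns only).
SAMPLE = "  sl  local_address rem_address   st tx_queue:rx_queue\n"
SAMPLE += "   0: 0100007F:01BB 00000000:0000 0A 00000000:00000000\n"  # LISTEN :443
SAMPLE += "   1: 0100007F:01BB 0200007F:C001 01 00000000:00000000\n"  # ESTABLISHED
for i in range(6):  # six half-open sockets on port 80 from different peers
    SAMPLE += "   %d: 0100007F:0050 %02X00000A:9C40 03 00000000:00000000\n" % (i + 2, i + 1)


def decode_addr(field):
    """Decode an IPv4 'ADDR:PORT' field (hex, address in little-endian order)."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def half_open_by_port(table_text):
    """Count sockets in SYN_RECV per local port."""
    counts = Counter()
    for line in table_text.strip().splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 4 and int(fields[3], 16) == SYN_RECV:
            counts[decode_addr(fields[1])[1]] += 1
    return counts


def flooded_ports(table_text, threshold):
    """Ports whose half-open count has reached the alert threshold."""
    counts = half_open_by_port(table_text)
    return sorted(port for port, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    # On a live Linux host: open("/proc/net/tcp").read() instead of SAMPLE.
    print(dict(half_open_by_port(SAMPLE)), flooded_ports(SAMPLE, threshold=5))
```
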
TCP Sequence Number Attack: This
is when the attacker takes control of one end of a TCP session. The
goal of this attack is to kick the attacked end off the network for the duration of the session. Only then will the attack be
successful. Each time a TCP message is sent the client or the server
generates a sequence number. The attacker intercepts and then responds
with a sequence number similar to the one used in the original session.
This attack can then hijack or disrupt a session. If a valid sequence
number is guessed the attacker can place himself between the client and
the server. The attacker gains the connection and the data from the
legitimate system. The only defense against such an attack is to know that
it's occurring. There is little that can be done.
TCP Hijacking: This
is also called active sniffing; it involves the attacker gaining access
to a host in the network and logically disconnecting it from the
network. The attacker then inserts another machine with the same IP
address. This happens quickly and gives the attacker access to the
session and to all the information on the original system.
UDP packets aren't connection oriented and don't require the
synchronization process as with TCP. UDP packets, however, are
susceptible to interception, and thus UDP can be attacked. UDP, like TCP,
doesn't check the validity of an IP address. The nature of this layer is
to trust the layer above it (I'm referring to the IP layer). The most
common UDP attacks involve UDP flooding. UDP flooding overloads
services, networks, and servers. Large streams of UDP packets are
focused at a target, causing UDP services on that host to shut down. It
can also overload the network and cause a DoS situation to occur.
ICMP Attacks: These occur by
triggering a response from the ICMP protocol when it responds to a
seemingly legitimate request (think of it as echoing). Ping, for
instance, uses the ICMP protocol. Ping is a good example of this
type of attack: it overloads the server with more bytes than it can
handle, in larger connections. This is a ping flood.
Smurf Attacks: This
attack uses IP spoofing and broadcasting to send a ping to a group of
hosts on a network. When a host is pinged it sends back ICMP message
traffic information indicating status to the originator. If a broadcast
is sent to a network, all hosts will answer back to the ping. The result
is an overload of the network and the target system. The only way to prevent
this attack is to prohibit ICMP traffic on the router.
ICMP Tunneling: ICMP
can contain data about timing and routes. A packet can be used to hold
information that is different from the intended information. This allows
an ICMP packet to be used as a communications channel between two
systems. The channel can be used to send a Trojan horse or other
malicious packet. The countermeasure is to deny ICMP traffic on your
network.
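
Where ICMP cannot be denied outright, echo traffic can be inspected for the channel described above. The following is an added example, not part of the original post: it parses ICMP echo messages, verifies the checksum, and flags payloads larger than a baseline and replies whose data differs from the request (RFC 792 requires an echo reply to return the request's data). The sample messages, the function names and the 64-byte baseline are assumptions made for illustration.

```python
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8

def inet_checksum(data):
    """RFC 1071 one's-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, payload):
    """Build an ICMP echo message; used only to construct the sample input."""
    csum = inet_checksum(struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse_echo(msg):
    """Return (type, ident, seq, payload); reject truncated or corrupt messages."""
    if len(msg) < 8 or inet_checksum(msg) != 0:
        raise ValueError("truncated ICMP message or bad checksum")
    icmp_type, _code, _csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    return icmp_type, ident, seq, msg[8:]

def suspicious_echoes(messages, max_payload=64):
    """Flag oversized echo payloads and replies that do not mirror the request."""
    requests, findings = {}, []
    for msg in messages:
        icmp_type, ident, seq, payload = parse_echo(msg)
        if icmp_type not in (ECHO_REQUEST, ECHO_REPLY):
            continue
        if len(payload) > max_payload:  # max_payload is an assumed local baseline
            findings.append((ident, seq, "oversized payload"))
        if icmp_type == ECHO_REQUEST:
            requests[(ident, seq)] = payload
        elif requests.get((ident, seq), payload) != payload:
            findings.append((ident, seq, "reply differs from request"))
    return findings

PING = b"abcdefghijklmnopqrstuvwabcdefghi"  # constructed 32-byte ordinary payload
SAMPLE = [  # constructed capture: one normal ping, one mismatch, one oversized
    build_echo(ECHO_REQUEST, 1, 1, PING), build_echo(ECHO_REPLY, 1, 1, PING),
    build_echo(ECHO_REQUEST, 2, 1, b"A" * 32), build_echo(ECHO_REPLY, 2, 1, b"B" * 32),
    build_echo(ECHO_REQUEST, 3, 1, b"\x00" * 200),
]
```

Calling suspicious_echoes(SAMPLE) reports the mismatched reply for identifier 2 and the oversized request for identifier 3, and leaves the ordinary ping alone.
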
Warning: ICMP
can be very dangerous. Don't try such an attack from
your PC until you know how to be invisible on the internet!
Because once you get traced, no one can help you out of trouble.
Content from: CA