Shulou(Shulou.com)06/02 Report--

This article is to share with you about the three types of network attacks in computer networks. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

There are three types of network attacks: (1) active attacks will lead to tampering of some data streams and generation of false data streams; (2) attackers do not make any changes to data information in passive attacks; and (3) node attacks, after breaking through a host, often use the host as a base to attack other hosts.

There are three types of network attacks:

I. active attack

Active attacks can lead to tampering of some data streams and the generation of false data streams. This kind of attack can be divided into tampering, falsifying message data and terminal (denial of service).

(1) tampering with messages

Tampering with a message means that some parts of a legitimate message are changed or deleted, and the message is delayed or changed in order, usually used to produce an unauthorized effect. If you modify the data in the transmission message, change "allow A to perform operations" to "allow B to perform operations".

(2) forgery

Forgery means that an entity (person or system) sends out data information containing the identity information of other entities, pretending to be other entities, so as to deceive and obtain the rights and privileges of some legitimate users.

(3) denial of service

Denial of service is often referred to as DoS (Deny of Service), which will cause the normal use or management of communication equipment to be interrupted unconditionally. It usually destroys the whole network to achieve the purpose of reducing performance and terminal services. Such an attack may also have a specific target, such as blocking all packets to a particular destination, such as the security audit service.

Second, passive attack

In a passive attack, the attacker does not make any changes to the data information. Interception / eavesdropping means that the attacker obtains the information or related data without the consent and approval of the user. It usually includes eavesdropping, traffic analysis, cracking weakly encrypted data streams and other attacks.

(1) Traffic analysis

Traffic analysis attacks are suitable for some special occasions, such as sensitive information is confidential. Although the attacker cannot get the true content of the message from the intercepted message, the attacker can also observe the patterns of these datagrams, analyze and determine the location of both sides of the communication, the number of communications and the length of the message, and get the relevant sensitive information. this attack is called traffic analysis.

(2) eavesdropping

Eavesdropping is the most commonly used means. Data transmission on the most widely used local area network is based on broadcast, which makes it possible for a host to receive all the information transmitted on the subnet. When the computer's network card works in miscellaneous collection mode, it can transmit all the information transmitted on the network to the upper layer for further analysis. If encryption measures are not taken, all the contents of the communication can be fully mastered through protocol analysis, and the eavesdropping can also obtain information by means of infinite interception. The electromagnetic wave radiated by the network station or the electromagnetic wave radiated by the network connecting equipment is received by a highly sensitive receiving device, and the original data signal is recovered through the analysis of the electromagnetic signal so as to obtain the network information. Although sometimes the data information can not be fully recovered by electromagnetic signals, valuable information may be obtained.

Because passive attacks do not make any changes to the attacked information, leaving traces are good, or do not leave traces at all, so it is very difficult to detect, so the focus of combating such attacks is to prevent, including virtual private network VPN, the use of encryption technology to protect information and the use of switched network equipment. Passive attacks are not easy to detect, so they are often the prelude to active attacks.

Although passive attacks are difficult to detect, measures can be taken to prevent them effectively, but it is very difficult to prevent attacks effectively, and the cost is too high. the main technical means to combat active attacks are detection and timely recovery from the damage caused by attacks. At the same time, detection also has a certain deterrent effect, which can also prevent attacks to a certain extent. Specific measures include automatic audit, intrusion detection and integrity recovery.

III. Node attack

After breaking through a host, attackers often use the host as a base to attack other hosts (to hide their intrusion path and avoid leaving clues). They can use network snooping to try to break into other hosts in the same network, and they can also attack other hosts through IP spoofing and host trust relationships.

This type of attack is very cunning, but because some technologies are very difficult to control, such as TCP/IP spoofing attacks. The attacker does this by disguising the external computer as another legitimate machine. He can corrupt the data on the communication link between two machines, and the purpose of his camouflage is to cajole other machines in the network into mistakenly accepting their attackers as legitimate machines, inducing other machines to send data to him or allow him to modify data. TCP/IP spoofing can occur at all levels of the TCP/IP system, including data link layer, network layer, transport layer and application layer. If the underlying layer is compromised, all protocols at the application layer will be at risk. In addition, because the users themselves do not communicate directly with the underlying layer, the attack on the underlying layer is more deceptive.

Thank you for reading! This is the end of this article on "what are the three types of network attacks in the computer network". I hope the above content can be of some help to you, so that you can learn more knowledge. If you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.