Attack Types
Unit: 9 Lesson: 2
ranged, mental, physical, etc.
Fingerprinting and Footprinting
The attacker wishes to list all the network devices/services on the internal network, usually to select a weak target to attack and exploit. Footprinting maps the general topology and configuration of the network, while fingerprinting gathers device information, such as OS types/versions.
Spoofing
Spoofing is a general term. Spoofing is when the threat actor disguises themselves as a legitimate user, or when the threat actor sends falsified network requests that look normal. Common attack vectors target ARP and DNS services.
Denial of Service
You know this one well. It's when a flood of false requests to a service/server overwhelms the hardware, eats up all the resources, and causes service outages. DoS attacks also include physical attacks, like cutting a telephone wire or network wire so that entire subnets lose access.
DoS attacks are sometimes the precursor to spoofing or data exfiltration attacks, serving as a distraction.
Distributed DoS
A distributed DoS is when the threat actor uses a botnet to overwhelm services with lots of requests coming from many places. These are harder to defend against, since it's now harder to differentiate between a legitimate and a malicious request.
- TCP SYN flood
- Distributed Reflection/Amplification attacks (using the C&C server, requests carrying the victim's spoofed IP address are sent to other servers, which then direct their responses to the victim)
- DNS/NTP query bombardment
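The point above about distributed floods, as an added example that is not part of the original notes: each bot sends too little to trip a per-source limit, but counting never-completed handshakes per destination still exposes a TCP SYN flood. The event format, thresholds and addresses are constructed for illustration.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed events from one observation window:
    (seconds, source IP, destination ip:port, TCP flag sent by the client)."""
    events = []
    # Legitimate clients: SYN followed by the handshake-completing ACK.
    for i in range(5):
        src = f"198.51.100.{i + 1}"
        events.append((float(i), src, "192.0.2.10:443", "SYN"))
        events.append((i + 0.1, src, "192.0.2.10:443", "ACK"))
    # Botnet-style traffic: 40 sources, one SYN each, never completed.
    for i in range(40):
        events.append((2 + i * 0.05, f"203.0.113.{i + 1}", "192.0.2.20:80", "SYN"))
    return sorted(events)

def half_open_report(events, min_syns=20, max_completion=0.2):
    """Flag destinations with many SYNs and few completed handshakes."""
    syn_count = Counter()          # dst -> SYNs seen
    completed = Counter()          # dst -> handshakes completed
    per_source = Counter()         # (dst, src) -> SYNs from that source
    pending = defaultdict(int)     # (src, dst) -> SYNs still awaiting an ACK
    for _ts, src, dst, flag in events:
        if flag == "SYN":
            syn_count[dst] += 1
            per_source[(dst, src)] += 1
            pending[(src, dst)] += 1
        elif flag == "ACK" and pending[(src, dst)] > 0:
            pending[(src, dst)] -= 1
            completed[dst] += 1
    report = {}
    for dst, total in syn_count.items():
        if total >= min_syns and completed[dst] / total <= max_completion:
            counts = [c for (d, _s), c in per_source.items() if d == dst]
            report[dst] = {
                "syns": total,
                "completed": completed[dst],
                "sources": len(counts),
                # A low value here is why per-source rate limits miss a DDoS.
                "max_per_source": max(counts),
            }
    return report

if __name__ == "__main__":
    for dst, stats in half_open_report(build_sample()).items():
        print(dst, stats)
```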
#Netplus