Common Network Attacks


By: Engr. Ahmed Malik (Advisor to Cisco ASC/ITC & Director Tech Awareness)

Networks are frequent targets. A threat actor who gains administrative access to a corporate network infrastructure can:

  • Steal data
  • Delete data
  • Disrupt network availability

To achieve their objectives, attackers commonly use the following three categories of network attacks:

  1. Reconnaissance Attacks
  2. Access Attacks
  3. Denial-of-Service (DoS) Attacks

1. Reconnaissance Attacks

Reconnaissance means information gathering. Similar to a thief surveying homes, attackers try to discover and map systems, services, or vulnerabilities before launching a major attack.

Common Techniques:

  • Information Query – Using Google search, organization websites, Whois, etc.
  • Ping Sweep – Identifying active IP addresses.
  • Port Scanning – Tools: Nmap, SuperScan, Angry IP Scanner, NetScanTools.
  • Vulnerability Scanning – Tools: Nessus, OpenVAS, Nipper, Secunia PSI.
  • Exploitation Tools – Tools: Metasploit, Sqlmap, SET, Core Impact.
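
Added example (not part of the original article or its source): the following Python code shows how a defender can flag the ping sweep and port scanning techniques listed above in flow logs. The log format, addresses, window, and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed flow records: epoch_seconds src dst proto dport ("-" for ICMP echo).
SAMPLE_LOG = """\
100 10.0.0.5 192.168.1.10 tcp 443
101 10.0.0.9 192.168.1.1 icmp -
101 10.0.0.9 192.168.1.2 icmp -
102 10.0.0.9 192.168.1.3 icmp -
102 10.0.0.9 192.168.1.4 icmp -
103 10.0.0.7 192.168.1.20 tcp 21
103 10.0.0.7 192.168.1.20 tcp 22
104 10.0.0.7 192.168.1.20 tcp 23
104 10.0.0.7 192.168.1.20 tcp 80
105 10.0.0.7 192.168.1.20 tcp 445
400 10.0.0.5 192.168.1.10 tcp 80
"""

def detect_recon(log_text, window=60, host_threshold=4, port_threshold=5):
    """Return {src: set of findings} using a sliding time window per source."""
    events = defaultdict(list)  # src -> [(ts, dst, proto, dport)]
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records rather than crash
        ts, src, dst, proto, dport = parts
        events[src].append((int(ts), dst, proto, dport))
    findings = defaultdict(set)
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Shrink the window so it spans at most `window` seconds.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            recent = evs[start:end + 1]
            # Ping sweep: one source sends ICMP echo to many distinct hosts.
            pinged = {dst for _, dst, proto, _ in recent if proto == "icmp"}
            # Port scan: one source touches many distinct ports on one host.
            ports = defaultdict(set)
            for _, dst, proto, dport in recent:
                if proto in ("tcp", "udp"):
                    ports[dst].add(dport)
            if len(pinged) >= host_threshold:
                findings[src].add("ping_sweep")
            if any(len(p) >= port_threshold for p in ports.values()):
                findings[src].add("port_scan")
    return dict(findings)
```

On the constructed sample, 10.0.0.9 is reported for a ping sweep and 10.0.0.7 for a port scan, while 10.0.0.5 (two connections five minutes apart) is not flagged.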

2. Access Attacks

These exploit vulnerabilities in authentication, FTP, or web services to gain unauthorized entry, retrieve confidential data, or escalate privileges.

Types of Access Attacks:

a. Password Attacks – Cracking system passwords using tools.
b. Spoofing Attacks – IP spoofing, MAC spoofing, DHCP spoofing.
c. Trust Exploitation – Using unauthorized privileges to gain access to a system.
d. Port Redirection – Using a compromised system as a base for further attacks.
e. Man-in-the-Middle (MitM) – Intercepting and modifying communication.
f. Buffer Overflow – Writing more data into a memory buffer than it can hold, often leading to DoS.
g. Social Engineering Attacks – Manipulating humans to gain access.

Social Engineering Techniques:

  • Pretexting
  • Phishing & Spear Phishing
  • Spam
  • Baiting
  • Impersonation
  • Tailgating
  • Shoulder Surfing
  • Dumpster Diving

Note: The Social Engineering Toolkit (SET) helps security professionals test their networks against such attacks.


3. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks

DoS Attacks:

  • Traffic Overload – Flooding with enormous data.
  • Malformed Packets – Sending maliciously crafted packets to crash a device.

DDoS Attacks:

  • Carried out via multiple infected devices (botnet).
  • Controlled by a Command & Control (CnC) system.
  • Zombies spread malware and launch massive coordinated attacks.

Other Common Network Attacks

1. Eavesdropping (Sniffing/Snooping)

Capturing and listening to network traffic.

2. Data Modification Attack

Altering packet data without detection.

3. IP Address Spoofing

Forging IP packets to appear legitimate.

4. Password-Based Attacks

Using stolen user accounts for unauthorized actions.

5. Man-in-the-Middle (MitM)

Intercepting communication between source and destination.

6. Compromised-Key Attack

Using stolen encryption keys for unauthorized access.

7. Sniffer Attack

Using applications/devices to capture unencrypted data packets.


Summary

  • Reconnaissance Attacks: Information gathering (ping sweep, port scan, vulnerability scanning).
  • Access Attacks: Exploiting authentication and trust (passwords, spoofing, MitM, buffer overflow, social engineering).
  • DoS/DDoS Attacks: Disrupting services via traffic overload or botnets.
  • Other Attacks: Eavesdropping, data modification, spoofing, compromised keys, sniffing.

📌 Source: CCNAv7 Enterprise, Networking, Security, and Automation Companion Guide
