Network Access Attacks
Technology is forever evolving, so is hacking! It might come as a surprise to many that, as one wakes up in the morning and prepares for work, gets to the office and spends nine to twelve hour working; the same way a professional hacker spends all day modifying hacking techniques and looking for networks to exploit!
Firstly, for an attacker to gain access to a system network, the intruder has to find out the vulnerabilities or weaknesses in the network authentication, FTP and web services. Finding and exploiting these vulnerabilities will enable the attacker to gain access to web account and other confidential or sensitive information.
Types of access attacks
- Password attack
- Trust Exploitation
- Port Redirection
- Man-in-the middle attack
A Network attacker uses packet sniffer tools to obtain user accounts and passwords information. Normally we log in and out of a system using authentication passwords to shared resources in a router or server, an attacker also repeatedly attempts to log in to a shared resource or to gain unauthorised access to an organisation’s network; this can also be referred to as dictionary or brute force attacks. To carry out this type of attacks, the intruder can use tools like the L0phtCrack or Cain.
These software or programs repeatedly attempt to log in as a user using words derived from a dictionary. Most dictionary attacks often succeed because network users often choose simple and short passwords, single words that are easy to predict.
Another password attack method uses what is called rainbow tables. A rainbow table is precompiled series of passwords, which is constructed by building chains of possible plain text passwords. Each chain is developed by starting with a randomly selected “guess” of the plain text password then sequentially applies variations on it. The attack software will apply the passwords in the rainbow table until it at a possible password.
To conduct a rainbow table attack, attackers can use a tool such as .
A brute-force attack tool is more sophisticated because it searches in detail using combinations of character sets to work out every possible password made up of those characters. The only disadvantage is that it takes much time to complete this type of attack. Brute-force attack tools have been known to solve simple passwords in less than a minute. Longer, more complex passwords may take days or weeks to resolve.