ATTACK by Mind Map: ATTACK

1. TROJAN

1.1. TYPE : Backdoor

1.2. DDOS

1.3. Rootkits

1.4. Exploit

1.5. Trojans are defined as malicious programs that perform actions on a computer that have not been authorized by the user

2. BACKDOORS

2.1. A backdoor is a technique in which a system security mechanism is bypassed undetectably to access a computer or its data.

2.2. The backdoor access method is sometimes written by the programmer who develops a program

3. WORMS

3.1. They spread over computer networks by exploiting operating system vulnerabilities

3.2. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers.

4. VIRUS

4.1. TYPE : Polymorphic viruses

4.2. Overwrite viruses.

4.3. A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works

4.4. The virus requires someone to knowingly or unknowingly spread the infection without the knowledge or permission of a user or system administrator

5. SMURF ATTACK

5.1. A network layer distributed denial of service (DDoS) attack, named after the DDoS.Smurf malware that enables its execution.

5.2. Countermeasures

5.2.1. To prevent a Smurf attack, it is important to shut off the broadcast addressing feature of the external router and firewall

5.2.2. Most older routers default to allowing directed broadcast. IP directed broadcast should be disabled on all routers and interfaces that do not need it.

6. SESSION HIJACKING ATTACK

6.1. Session hijacking is when a hacker takes control of a user session after the user has successfully authenticated with a server

6.2. Countermeasure

6.2.1. Use encrypted session negotiation

6.2.2. Use encrypted communication channels

6.2.3. Stay informed of platform patches to fix TCP/IP vulnerabilities, such as predictable packet sequences.

7. WEB ATTACK

7.1. Web servers, like other systems, can be compromised by a hacker.

7.2. Web server vulnerabilities

7.2.1. Misconfiguration of the web server software

7.2.2. Operating system or application bugs, or flaws in programming code

7.2.3. Lack of or not following proper security policies and procedures

7.3. Web Application Vulnerabilities and Countermeasure

7.3.1. SQL injection

7.3.1.1. SQL injection is a code injection technique that might destroy your database

7.3.1.2. SQL injection is one of the most common web hacking techniques.

7.3.1.3. SQL injection is the placement of malicious code in SQL statements, via web page input

7.3.1.4. Inserting SQL commands into the URL gets the database server to dump, alter, delete, or create information in the database

7.3.1.5. Countermeasure: Validate user variables

7.3.2. Command injection

7.3.2.1. The hacker inserts programming commands into a web form

7.3.2.2. Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system via a vulnerable application

7.3.2.3. Command injection attacks are possible when an application passes unsafe user supplied data (forms, cookies, HTTP headers etc.) to a system shell

7.3.2.4. Countermeasure: Use language-specific libraries for the programming language.

7.3.3. Cookie poisoning and snooping

7.3.3.1. The hacker corrupts or steals cookies

7.3.3.2. Cookie poisoning is the modification of a cookie (personal information in a Web user's computer) by an attacker to gain unauthorized information about the user for purposes such as identity theft.

7.3.3.3. The attacker may use the information to open new accounts or to gain access to the user's existing accounts.

7.3.3.4. Countermeasure: Don't store passwords in a cookie. Implement cookie timeouts, and authenticate cookies.

7.3.4. Buffer overflow

7.3.4.1. Huge amounts of data are sent to a web application through a web form to execute commands.

7.3.4.2. A buffer overflow occurs when a program or process attempts to write more data to a fixed length block of memory, or buffer, than the buffer is allocated to hold.

7.3.4.3. Countermeasure: Validate user input length, and perform bounds checking.

7.3.5. Authentication Hijacking

7.3.5.1. The hacker steals a session once a user has authenticated.

7.3.5.2. Countermeasure: Use SSL to encrypt traffic

7.3.6. Directory traversal/Unicode

7.3.6.1. The hacker browses through the folders on a system via a web browser or Windows explorer.

7.3.6.2. A malformed URL could be used to access files and folders that lie anywhere on the logical drive that contains the web folders

7.3.6.3. This allows the attacker to escalate his privileges on the machine

7.3.6.4. This would enable the malicious user to add, change or delete data, run code already on the server, or upload new code to the server and run it.