Mind Map: ATTACKS

1. Backdoor

1.1. A backdoor is a malicious computer program that is used to provide the attacker with unauthorized remote access to a compromised PC system by exploiting security vulnerabilities.

2. Virus

2.1. A type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code.

2.1.1. 1. File infectors

2.1.2. 2. Encrypted virus

2.1.3. 3. Polymorphic virus

2.1.4. 4. Override virus

3. Session Hijacking

3.1. Session hijacking involves an attacker identifying the current session IDs of a client/server communication and taking over the client’s session.

3.1.1. Countermeasure

3.1.1.1. Use encrypted session negotiation. Use encrypted communication channels. Stay informed of platform patches to fix TCP/IP vulnerabilities, such as predictable packet sequences.

4. SYN Flood

4.1. A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.

4.1.1. Countermeasure

4.1.1.1. DO NOT allocate large memory for FIRST PACKET (SYN).

4.1.1.2. Allocate memory ONLY after you receive the ACK packet (4th packet) from the sender. One good solution is to make use of a proxy server.

5. Trojans

5.1. A type of malicious software developed by hackers and disguised as legitimate software to gain access to target users' systems.

5.1.1. 1. Rootkit

5.1.1.1. Rootkits are developed by malware authors to gain access to the victim’s system.

5.1.2. 2. Ransom

5.1.2.1. Trojan Ransom is developed to alter data on the victim's computer.

5.1.3. 3. Exploit

5.1.3.1. Exploit is a type of Trojan that contains malicious code or data to attack vulnerable software or an application that runs on an infected computer.

5.1.4. 4. Backdoor

5.1.4.1. A backdoor Trojan gives the hackers malicious access to take remote control over the infected computer.

6. Worms

6.1. A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers.

6.1.1. 1. Email worms

6.1.1.1. An email worm uses a PC's email client to spread itself.

6.1.1.2. Once the worm is installed, it will search the host computer for any email addresses contained on it. It will then start the process again, sending the worm without any input from the user.

6.1.1.3. A well-known example of this type of worm is the "ILOVEYOU" worm, which infected millions of computers worldwide in 2000.

6.1.2. 2. Internet worms

6.1.2.1. Internet worms are completely autonomous programs.

6.1.2.2. They use an infected machine to scan the Internet for other vulnerable machines.

7. Smurf

7.1. Smurf is a network-layer distributed denial-of-service (DDoS) attack, named after the DDoS.Smurf malware that enables its execution.

7.2. Smurf attacks are somewhat similar to ping floods, as both are carried out by sending slews of ICMP Echo request packets.

7.2.1. Countermeasure

7.2.1.1. To prevent a smurf attack, individual hosts and routers can be configured to be non-responsive to external ping requests or broadcasts. Routers can also be configured to ensure that packets directed to broadcast addresses are not forwarded.

7.3. Which a system is flooded with spoofed ping messages. This creates high computer network

8. Web Attack

8.1. SQL Injection

8.1.1. Inserting SQL commands into the URL gets the database server to dump, alter, delete, or create information in the database.

8.1.1.1. Countermeasure

8.1.1.1.1. Input Validation

8.1.1.1.2. Minimize Admin Privileges

8.2. Command Injection

8.2.1. The hacker inserts programming commands into a web form.

8.3. Cookie Poisoning and Snooping

8.3.1. The hacker corrupts or steals cookies.

8.4. Buffer Overflow

8.4.1. Huge amounts of data are sent to a web application through a web form to execute commands.

8.5. Authentication Hijacking

8.5.1. The hacker steals a session once a user has authenticated.

8.6. Directory Traversal/Unicode

8.6.1. The hacker browses through the folders on a system via a web browser or Windows Explorer.