Common Types of Network Attacks
Publisher: Psychz Networks, February 01, 2016
Network attacks, or what the industry calls DDoS (Distributed Denial of Service), are a common method attackers use to render a network useless, bring down sites, and disrupt government sites. We are going to cover several common types of attack; however, there is no true example of the types of attack that exist.
There are three ways of making your server or infrastructure unavailable:
Bandwidth: this type of attack consists of saturating the server's network capacity, which renders it unreachable.
Resources: this type of attack consists of depleting the machine's system resources, which prevents it from responding to legitimate requests.
Exploitation of software fault: also called "exploit", this type of attack targets a particular software fault either to make the machine unavailable or to take control of it.
Three of the most common attacks are:
SSDP attacks (1900/UDP): this type of attack is an amplified reflective DDoS attack. It uses the UPnP (Universal Plug and Play) protocol, which allows devices to discover their neighboring hardware, perform network discovery, and broadcast their presence. The attacker performs two tasks. First, the attacker spoofs the source IP, replacing the attacker's IP with the victim's IP. Second, the attacker sends a series of UPnP queries to the server; each request increases in size, so the larger the attack gets, the harder it is for the local network to respond to the requests coming from the attacker. The result is a complete overload of the network to the server.
NTP attack (123/UDP): this type of attack targets the local server's NTP service, which is used to keep the local server's time synchronized. NTP attacks are commonly carried out via botnets that exist on exploited machines. When an attack is triggered, the exploited hosts send millions of NTP synchronization requests to the victim NTP server until the local server's network is congested and crashes.
ICMP attack: this is a ping attack. ICMP attacks flood the local network connections by sending a series of echo requests to the victim; the victim then sends an excessive number of echo responses to the attacker, but the attacker may not have a routable destination because the IP is spoofed.
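As an added example (not from Psychz Networks), here is one way a defender could flag the three floods described above in per-second flow records. The record format, both thresholds and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

# Ports and ICMP type follow the article; both thresholds are assumed values
# to be tuned against a site's normal baseline.
UDP_SERVICES = {1900: "SSDP", 123: "NTP"}
ICMP_ECHO_REQUEST = 8
PPS_THRESHOLD = 1000  # assumed: packets per second toward one host
MIN_SOURCES = 2       # assumed: distinct senders before flagging

def classify(proto, sport, dport):
    """Map a flow to one of the article's three attack classes, or None."""
    if proto == "udp":
        # Reflected replies carry the service port as source, direct floods as destination.
        return UDP_SERVICES.get(sport) or UDP_SERVICES.get(dport)
    if proto == "icmp" and dport == ICMP_ECHO_REQUEST:
        return "ICMP"
    return None

def detect_floods(lines):
    """Return sorted (second, victim, kind, packets, sources) over both thresholds."""
    packets, sources = defaultdict(int), defaultdict(set)
    for line in lines:
        # Constructed format: second proto src sport dst dport packets (ICMP: dport = type)
        second, proto, src, sport, dst, dport, count = line.split()
        kind = classify(proto.lower(), int(sport), int(dport))
        if kind:
            key = (int(second), dst, kind)
            packets[key] += int(count)
            sources[key].add(src)
    return sorted(
        key + (packets[key], len(srcs))
        for key, srcs in sources.items()
        if packets[key] >= PPS_THRESHOLD and len(srcs) >= MIN_SOURCES
    )

SAMPLE_FLOWS = [  # constructed sample, documentation address ranges, not captured traffic
    "100 udp 198.51.100.1 1900 203.0.113.5 40000 600",
    "100 udp 198.51.100.2 1900 203.0.113.5 40000 500",
    "100 udp 192.0.2.1 5000 203.0.113.9 123 1000",
    "100 udp 192.0.2.2 5001 203.0.113.9 123 1000",
    "101 icmp 192.0.2.4 0 203.0.113.5 8 525",
    "101 icmp 192.0.2.5 0 203.0.113.5 8 525",
    "101 udp 192.0.2.7 123 203.0.113.20 123 2",      # ordinary NTP sync
    "101 tcp 192.0.2.8 51000 203.0.113.5 443 5000",  # not one of the three
]

if __name__ == "__main__":
    for alert in detect_floods(SAMPLE_FLOWS):
        print(alert)
```

The ordinary NTP sync and the TCP flow produce no alert: the first stays under both thresholds and the second matches none of the three classes.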