Skip to main content

Social Engineering attacks and theirypes:

 

Social Engineering attacks and their types:



Social engineering attacks are used to gain access to the system and carry out actions that reveal confidential/secret information of the user. It makes the user break the security procedures and tricks to gain access to the system. There are different types of social engineering attacks such as-

  1. Phishing – Attackers create a similar fake website and acquire personal and bank details through this. He targets customers through email and other means.
  2. Spear phishing – Similar attack like phishing but the target is narrow towards a specific group.
  3. Vishing – Attack through phone as a medium
  4. Pretexting – Based on a scripted scenario, used to extract PII. The attacker resembles himself as a known person.
  5. Baiting – Attacks happen through download links, infected USB’s etc.

Denial of Service Attack vs Distributed Denial of Service Attack:

S.noDOSDDOS
1In DOS, the attacker uses a single computer and internet connection to flood the target resource.In DDOS, he uses multiple computers and Internet connections to flood the target resource.
2DOS is launched using scripts or DOS tools.DDOS are launched from botnets
3DOS can be traced back easily since it uses only one IP.DDOS is difficult to trace back and it does massive attack than DOS.


Session Hijacking

Exploiting or hacking and getting unauthorized access to the information or services of a valid computer session is known as Session hacking (aka) Hijacking. Most common method is IP spoofing when the attacker uses source-routed IP packets to insert the commands for attacking. There are different ways of session hijacking such as packet sniffing, cross-site scripting, IP spoofing, and blind attack.

Levels & Tools of Session hijacking:

There are two levels of session hijacking known as –

  • Network-level hijacking
    1. TCP session
    2. UDP session
  • Application-level
    1. HTTP session

There are several session hijacking tools such as Burp suite, Firesheep, Surf Jack, Ettercap, Cookie Catcher, and so on.


Web Hacking techniques:

There are several web hacking techniques such as-

  • FREAK (Factoring Attack on RSA-Export Keys)  – Attacker makes the user use servers with weaker encryption.
  • LogJam – Man-in-the-middle attack, where the attacker alters the information in the middle.
  • Web Timing Attacks – An attacker analyzes the cryptographic algorithms used and then he performs the attack.
  • Illusory TLS – This attack exploits the security architecture of the system by employing CA certificates.


Comments

Popular posts from this blog

Top 10 Secure Computing Tips

Top 10 Secure Computing Tips:-   "Top 10" List of Secure Computing Tips Tip #1 - You are a target to hackers Don't ever say, "It won't happen to me." We are all at risk and the stakes are high - both for your personal and financial well-being and for the university's standing and reputation.  Cybersecurity is everyone's responsibility. By following the tips below and remaining vigilant, you are doing your part to protect yourself and others. Tip #2 - Keep software up-to-dat e Installing software updates for your operating system and programs is critical. Always install the latest security updates for your devices: Turn on Automatic Updates for your operating system. Use web browsers such as Chrome or Firefox that receive frequent, automatic security updates . Make sure to keep browser plug-ins (Flash, Java, etc.) up-to-date. Tip #3 - Avoid Phishing scams - beware of suspicious emails and phone calls Phishing scams are a constant threat - using variou...

C Program to Check Year is a Leap Year or Not

How to Check Year is a Leap Year or Not in C:- In this program we have to find the year is a leap year or not. Generally  we assume that year is exactly divisible by 4 is a leap year. But it is not only in this case 1900 is divisible by 4. But it  is not a leap so it that case we follows these conditions    It is exactly divisible by 100 If it is divisible by 100, then it should also exactly divisible by 4 And it is divisible by 400   These all conditions are true year is a leap year. ALGORITHMS:- Step 1 . Initialize variable “year” to find leap year. Step 2 . Take input from User. Step 3 . We use this condition ((year%4==0)&&            (year%100!=0)) || (year%400==0)) to check the year is Leap or not. S tep 4 . It is true display year i...

Write a C program to find number is Abundant number or not

  Write a C program to find the number is an Abundant number or not:- In this program to find a number is an Abundant number or not. A number n is said to be an Abundant Number to follow these condition the sum of its proper di visors is greater than the number itself. And the difference between these two values is called abundance. Ex:-  Abundant number  12 having a proper divisor is 1,2,3,4,6 the sum of these factors is 16 it is greater than 12 so it is an Abundant number. Some other abundant numbers     18, 20, 24, 30, 36, 66, 70, 72, 78, 80, 84, 88, 90, 96, 100, 102, 104, 108, 112, 114, 120.. ALGORITHMS:- Step 1 - Enter the number, to find the Abundant number. Step 2 - Initialize the loop with c=1 to c<=number and follow the following calculation      (i) check if whether the number is divisible with c and c got a result zero.      (ii) now sum=sum+c, add a digit into a sum and store it in the sum. Step 3 . then the...