In modern times, security is the most important thing to maintain with serious effort. Even as security measures continue to grow and improve, hackers will find new ways to break through them. Here are some of the ways hackers usually use to break into a secured system.
1. IP Spoofing.
IP spoofing, also known as source address spoofing, is faking the attacker's IP address so that the target thinks the traffic comes from an inside address rather than from outside the network. For example, the attacker has the type A IP address 66.25.xx.xx; when the attacker uses this kind of attack, the target network will think the attacker's IP is part of its own network, e.g. the type C IP 192.xx.xx.xx. IP spoofing happens when a hacker “” the routing packets to change the direction of data or a transmission to a different destination. Routing packets are usually transmitted in the clear, so the hacker can easily modify the source and destination of the data. This technique is used not only by hackers but also by network security professionals to track the identity of hackers.
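A border filter can catch the spoofing case described above by comparing each packet's claimed source address with the interface it arrived on. The following is an added example, not code from the original post; the internal prefix, the interface names and the sample packets are constructed assumptions.

```python
import ipaddress

# Assumption: prefixes in use inside the protected network (constructed values).
INTERNAL_NETS = [ipaddress.ip_network("192.168.0.0/16")]

def is_internal(addr):
    """True if addr belongs to one of the internal prefixes."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def verdict(interface, src):
    """Decide whether a packet's source address is plausible for the
    interface it arrived on ('external' or 'internal')."""
    try:
        inside = is_internal(src)
    except ValueError:
        return "drop: malformed source"
    if interface == "external" and inside:
        # An internal source can never legitimately arrive from outside.
        return "drop: spoofed internal source"
    if interface == "internal" and not inside:
        # Egress check: internal hosts must not emit foreign source addresses.
        return "drop: foreign source leaving network"
    return "accept"

# Constructed sample packets: (arrival interface, claimed source address).
SAMPLE = [
    ("external", "198.51.100.7"),
    ("external", "192.168.10.5"),
    ("internal", "192.168.10.5"),
    ("internal", "198.51.100.7"),
    ("external", "not-an-ip"),
]

def audit(packets):
    """Return (interface, source, verdict) for every packet."""
    return [(i, s, verdict(i, s)) for i, s in packets]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row)
```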
2. FTP Attack.
A buffer overflow caused by a malformed command is one kind of attack that hackers commonly use against the File Transfer Protocol. The point of attacking an FTP server is to get a command shell or to carry out a Denial of Service attack. A DDoS attack can give the attacker unauthorized use of resources on a network, while a command shell can give the hacker access to the server system and data files; in the end the attacker can obtain anonymous root access with full control over the system, or even over the network under attack.
Never or rarely updating and patching the server is a common mistake administrators make, and this is why FTP servers are vulnerable. An example is WU-FTPD, the popular FTP server in the UNIX family, which is always updated twice a day to repair the conditions that allow buffer overflows. Exploiting FTP is also useful for obtaining passwords that exist on the system, for carrying out an FTP Bounce Attack (using someone else's FTP server to do the attack) and for sniffing information on the system.
3. Unix Finger Exploits.
In the early days of the internet, the UNIX finger utility was used as an efficient way to share information between users. Because requests for finger information do not violate any rules, many system administrators leave this utility with minimal security, or with none at all. For a hacker this utility is valuable for footprinting, since it yields login names and contact information. It also provides a good summary of user activity on a system: how long a user has been on the system and how far the user manages it. The information this utility generates can reduce the effort a cracker needs to break through a system. The personal information shown by the finger daemon is enough for an attacker to apply social engineering, using social skills to get the user to give up a password or access code for a system.
4. Flooding & Broadcasting.
An attacker can significantly reduce the speed of a network and the hosts inside it by repeatedly requesting information from a server that cannot handle a classic Denial of Service (DDoS) attack. Sending excessive requests to one port is known as flooding, or sometimes spraying. When the flood of requests is sent to all stations on the network, the attack is known as broadcasting. Both attacks have the same aim: to weaken network resources until they are finally incapacitated. Flooding depends on two factors: size and/or volume. A hacker can cause a Denial of Service by sending large files or small packets to a system. In that condition the network server faces congestion: too much information is requested and there is not enough power to keep the data moving. Large packets need large processing capacity, but small, similar packets in large volume will also use up all the resources and cause congestion.
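The distinction above between flooding (one port) and broadcasting (all stations), and between the size and volume factors, can be turned into a simple per-source check over one observation window. This is an added example, not part of the original post; the thresholds and the traffic records are constructed assumptions.

```python
from collections import defaultdict

# Assumed thresholds for one observation window (tune per network).
MAX_REQUESTS = 100        # volume factor
MAX_BYTES = 1_000_000     # size factor
BROADCAST_HOSTS = 10      # distinct targets treated as "all stations"

def classify(records):
    """records: iterable of (src, dst_host, dst_port, size_bytes).
    Returns {src: label} for every source that exceeds a threshold."""
    stats = defaultdict(lambda: {"n": 0, "bytes": 0,
                                 "targets": set(), "hosts": set()})
    for src, host, port, size in records:
        s = stats[src]
        s["n"] += 1
        s["bytes"] += size
        s["targets"].add((host, port))
        s["hosts"].add(host)
    findings = {}
    for src, s in stats.items():
        factors = []
        if s["n"] > MAX_REQUESTS:
            factors.append("volume")
        if s["bytes"] > MAX_BYTES:
            factors.append("size")
        if not factors:
            continue                      # within normal limits
        if len(s["hosts"]) >= BROADCAST_HOSTS:
            kind = "broadcast"            # aimed at many stations
        elif len(s["targets"]) == 1:
            kind = "flood"                # aimed at a single port
        else:
            kind = "excessive"
        findings[src] = f"{kind} ({'+'.join(factors)})"
    return findings

def sample_window():
    """Constructed traffic for one window."""
    recs = [("10.0.0.5", "10.0.0.1", 80, 400)] * 20          # normal client
    recs += [("10.0.0.66", "10.0.0.1", 21, 60)] * 500        # many small requests
    recs += [("10.0.0.77", "10.0.0.1", 21, 600_000)] * 3     # few very large ones
    recs += [("10.0.0.88", f"10.0.0.{h}", 7, 60)
             for h in range(1, 41)] * 5                      # every station
    return recs

if __name__ == "__main__":
    for src, label in classify(sample_window()).items():
        print(src, label)
```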
5. Fragmented Packet Attacks.
Data transmitted on the internet over TCP/IP can be divided into packets, of which only the first contains the main TCP information. Some firewalls allow processing of the parts of a packet that do not carry the source information found in the first packet, and this crashes some types of system. For example, an NT server will crash if the fragmented packets are enough to rewrite the information in the first packet of a protocol.
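A filter or reassembly routine can refuse fragment sets in which a later fragment rewrites data already delivered by the first one. The check below is an added example, not code from the original post; it assumes a TCP payload, byte offsets into the IP payload, and constructed fragment lists, and it goes slightly beyond the text by also rejecting a first fragment too small to hold the TCP header.

```python
TCP_HEADER_MIN = 20   # bytes of TCP header without options

def inspect_fragments(frags):
    """frags: list of (offset, length, more_fragments) for one IP datagram.
    Returns a list of reasons to reject; an empty list means the set is
    safe to reassemble."""
    frags = sorted(frags)
    if not frags or frags[0][0] != 0:
        return ["first fragment missing"]
    issues = []
    if frags[0][1] < TCP_HEADER_MIN and frags[0][2]:
        issues.append("first fragment too small to hold the TCP header")
    covered = 0                       # bytes of payload seen so far
    for off, length, _more in frags:
        if off < covered:
            # A later fragment would overwrite bytes already received.
            where = "TCP header" if off < TCP_HEADER_MIN else "payload"
            issues.append(f"fragment at {off} overlaps earlier data ({where})")
        elif off > covered:
            issues.append(f"gap before offset {off}")
        covered = max(covered, off + length)
    if frags[-1][2]:
        issues.append("last fragment missing")
    return issues

# Constructed fragment sets.
NORMAL = [(0, 1480, True), (1480, 520, False)]
OVERWRITE = [(0, 24, True), (8, 32, False)]     # second rewrites header bytes
TINY_FIRST = [(0, 8, True), (8, 512, False)]    # header split across fragments

if __name__ == "__main__":
    for name, fs in [("normal", NORMAL), ("overwrite", OVERWRITE),
                     ("tiny", TINY_FIRST)]:
        print(name, inspect_fragments(fs) or "ok")
```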
6. E-mail Exploits.
E-mail exploits take five forms: mail floods, command manipulation, transport-level attacks, malicious code insertion and social engineering. An e-mail attack can crash a system, open, rewrite or even execute application files, and can also gain access to command functions.
7. DNS and BIND Vulnerabilities.
The latest news about vulnerabilities in various versions of the Berkeley Internet Name Domain (BIND) application illustrates the fragility of DNS, a crisis that points at the basic operation of the internet.
8. Password Attacks.
Passwords are a common topic when we talk about security. Sometimes users are careless with their PIN, for example when doing online transactions at an internet cafe; even at home this is very dangerous without security software such as SSL and PGP. A password is one of the security measures that is difficult to attack; an attacker may have lots of tools (technical or social) just to open something protected by a password. When an attacker successfully obtains a user's password, he has the same power as the user. Training your employees or users to guard their passwords carefully against social engineering can at least reduce the risk; beside that, the organization must also be wary of the technical side. Most attacks on passwords are guessing, brute force, cracking and sniffing.
9. Proxy Server Attacks.
One function of a proxy server is to improve response time by combining the processes of several hosts in a trusted network. In most cases each host has read and write access, which means that what I can do on my system I can also do on your system.
10. Remote Command Processing Attacks
A trusted relationship between two or more hosts provides information exchange and resource sharing services. As with a proxy server, a trusted relationship gives the same access to all network members on one system or on different systems (inside the network). An attacker will attack a server that is a member of the trusted system. As with the proxy server vulnerability, once access is granted the attacker is able to execute commands and access data available to other users.
11. Remote File System Attack
The data transport protocols, the backbone of the internet, work at the TCP level, which has a read/write mechanism between network and host. An attacker can easily get information from this mechanism to gain access to file directories.
12. Selective Program Insertions
Selective program insertion is an attack in which a hacker puts destructive programs such as viruses, worms and trojans on the target system. These destructive programs are also known as malware and are capable of destroying systems, wiping files, stealing passwords and even opening a backdoor.
13. Port Scanning
Through port scanning, an attacker can see how a system functions and how it defends its various ports. An attacker can get access to the system through an unprotected port. For example, scanning can be used to determine where a default SNMP string is open to the public, which means information can be extracted and used in a remote command attack.
14. TCP/IP Sequence Stealing, Passive Port Listening and Packet Interception
TCP/IP sequence stealing, passive port listening and packet interception are run to collect sensitive information for accessing a network. Unlike active or brute-force attacks, attacks using these methods have a more stealth-like quality.
15. HTTPD Attacks
There are five vulnerabilities in HTTPD, or the web server: buffer overflows, httpd bypasses, cross scripting, web code vulnerabilities and URL floods. An HTTPD buffer overflow can happen because the attacker adds errors on the port used for web traffic by adding lots of characters and strings to find a suitable place to overflow. When one is found, the attacker adds an executable string. A buffer overflow can give the attacker access to a command prompt.
Source : rafi-orilya.blogspot.com