Types of Network Attacks

Questions and Answers

What is the primary purpose of reconnaissance attacks?

To encrypt sensitive information

To gather information about systems and vulnerabilities (correct)

To gain unauthorized access to data

To disrupt service availability

Which of the following tools is commonly used in reconnaissance attacks?

Packet Sniffers (correct)

Firewalls

Antivirus Programs

Encryption Software

In which stage do reconnaissance attacks typically occur?

Following user account creation

Before unauthorized data access (correct)

After a Denial of Service attack

During system maintenance

Which of the following best describes a ping sweep in reconnaissance?

Determining active IP addresses within a network

What is the first step taken by intruders when conducting a reconnaissance attack?

Performing a ping sweep

Which attack type directly involves mapping of systems and identification of potential vulnerabilities?

Reconnaissance Attacks

What is the primary function of a packet sniffer?

To capture and analyze network packets

Which technique involves sending ICMP echo requests to determine live hosts?

Ping sweep

What is a port scan used for?

To detect listening services on a host

What type of information can Internet information queries reveal?

Contact names and phone numbers associated with a domain

Which of the following is NOT a typical function of a packet sniffer?

Scanning for open ports

Which well-known port number is associated with HTTP services?

80

How can social engineering be characterized?

Manipulating individuals to obtain sensitive information

What role does the ICMP protocol play in a ping sweep?

Sends echo requests to detect active hosts

Study Notes

Types of Network Attacks

• Three major categories: Reconnaissance Attacks, Access Attacks, Denial of Service (DoS) Attacks.

Reconnaissance Attacks

• Also known as information gathering; involves unauthorized discovery and mapping of systems and vulnerabilities.
• Acts as a precursor to Access or DoS attacks.
• Similar to a thief surveying a neighborhood for weak targets.

Phases of Reconnaissance Attacks

• Initial step: Conducting a ping sweep to identify active IP addresses within a network.
• Next: Assessing available services and ports on the identified IP addresses.
• Further inquiry: Querying identified ports for application and OS type and version.
• Final phase: Searching for vulnerable services that can be exploited.

Tools Used in Reconnaissance Attacks

• Packet Sniffers: Capture all network packets in promiscuous mode; can intercept unencrypted traffic. Commonly known example: Wireshark.
• Ping Sweeps: Scanning technique using ICMP requests to check which hosts are live; responses indicate active devices.
• Port Scans: Involves scanning TCP/UDP port ranges to identify listening services; responds if a port is in use.
• Internet Information Queries: Utilize databases like Whois for information on domain ownership and associated IP addresses.

Internet Information Queries

• Whois database acts like the “white pages” of the Internet, detailing contact information for domain registration, including:
  • Technical, administrative, and billing contacts.
  • Associated phone numbers, email addresses, and Domain Name Servers (DNS).
• Domain registration populates the Whois database; accessible to all Internet users.

Low-technology Reconnaissance

• Social Engineering: Involves manipulating individuals (e.g., via phone) to divulge sensitive information, such as passwords.
• Attackers can successfully retrieve sensitive data through clever deception.

Description

This quiz explores the three major categories of network attacks: Reconnaissance Attacks, Access Attacks, and Denial of Service (DoS) Attacks. Dive into the phases of reconnaissance and the tools commonly used, such as packet sniffers and ping sweeps. Test your knowledge on how these attacks identify vulnerabilities in systems.