What is Man in Middle Attack?

A man in middle attack, generally occurs when attackers are able to place themselves in the middle of two other hosts that are communicating in order to view and/or modify the traffic.It is also called as Bucket-Bridge Attack.

  This will do by making sure that all communications going to or from the target host is routed through the attacker's host.

  Then the attacker can be able to observe all traffic before transmitting it and can actually modify or block traffic. To the target host, communication is occurring normally, since all expected replies are received.

Continue reading

What is Sniffing attack?

    A Sniffer is an application that can capture networks packets. Sniffers are also Known as network protocol analyzers.

Objective of sniffing is to steal:

1. Password (From Email, Website, FTP, TELNET etc)

2. Email Text

3. Files in transfer

   A network sniffer is software or hardware device that is used  to observe traffic as it passes through a network on shared broadcast media.

   These devices can be used to view all traffic, or it can target a specific protocol, services, or even string of characters like logins.

   

   Generally, the network device is designed to ignored all traffic that is not destined for that computer, Network sniffers attacks ignore this friendly agreement and observe all traffic on the networksm whether destined for that computer or others.

         Some network sniffers are not just designed to observe all traffic but also modify  them.Network administrators for monitoring networks performancecan use network sniffers.

The can be used to perform traffic analysis, for example, in order to determine what type of 

      traffic is most commonly carried on the network and to determine which segments are most              active.They can also be used for network bandwith analysis and to troubleshoot certain problems such as duplicate MAC adresses.

Continue reading

What is DOS(Denial of service) attack?

        Denial of service(DOS) attack is a type of attack which can exploit a known vulnerability in a specific application or operating system, or may attack features or weaknesses in particular protocols or services.

       By this attack, the attacker is attempting to deny authorised users access to specific information or to the computer system or network itself.

       The aim of this attack can be simply prevent access to the target system, or the attack can be used in combination with other actions in order to gain unaut
horised access to a computer or network.

Continue reading

What is computer security?

Computer security is protection given to an automated imformation system in order to obtain the applicable objectives of preserving the integrity, availability and confidentiality of information system resource like hardware, software, firmware, data and telecommunication.

Computer security is nothing but to provide security to data, computer systems, services and supporting procedure.

Information security and information assurance, which focuses on the security process not on the hardware and software being used but on the data that is processed by them. Assurance also introduces the availability of the systems and information when we want them.

Data security is related to the content of information and source of the data transfer should be secure. Only valid users can access or change the data. Data should be secured from modification, insertion, deletion or reply from unauthorised person.

Continue reading