A Guide to Network Attacks: From Password Cracking to Sniffing
Summary
Learn about the principles and characteristics of various network attacks, including password cracking techniques like dictionary and brute-force attacks, IP/ARP spoofing, Trojan horses, and sniffing.
Password Cracking
Password cracking refers to all techniques used to discover a password stored in a system. Here are four common methods.
1. Dictionary Attack
This method involves trying words from a dictionary, commonly used passwords, or lists of leaked passwords to find the correct one. It's a basic attack but highly effective against simple passwords.
- Principle: Sequentially tries words from a pre-made list (dictionary).
- Characteristic: Fast attack speed.
- Countermeasure: Use complex passwords that combine non-dictionary words, special characters, numbers, and mixed case letters.
2. Brute-force Attack
As the name suggests, a brute-force attack is a straightforward method that tries every possible combination of characters one by one until the password is found.
- Principle: Attempts all possible combinations, like a, b, c ... aa, ab, ac ...
- Characteristic: Very time-consuming, but it will eventually find any password.
- Countermeasure: Implement an account lockout policy (e.g., lock for 10 minutes after 5 failed attempts) and increase password length.
3. Hybrid Attack
This is a combination of a dictionary attack and a brute-force attack. For example, it might take a dictionary word like "password" and append numbers or symbols, creating combinations like "password123" or "password!".
- Principle: Combines dictionary words with numbers/special characters.
- Characteristic: Higher success rate than a simple dictionary attack.
- Countermeasure: Use unpredictable combinations of words, numbers, and symbols.
4. Rainbow Table Attack
A rainbow table is a massive, precomputed chain of hash values. If an attacker obtains a password hash from a system, they can use this table to find the original password very quickly.
- Principle: Uses a precomputed table of hash values (a rainbow table) to map a stolen hash back to the password that produced it.
- Characteristic: Can find the original value from a hash very quickly.
- Countermeasure: Use a "salt." By adding a random string (the salt) to the original password before hashing, you can render the rainbow table useless.
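Why a salt defeats precomputation, as an added example that is not part of the original guide. The word list is constructed, the plain hash-to-password dictionary is a simplified stand-in for a real rainbow table (which stores hash chains), and the choice of PBKDF2 with 600,000 iterations for storage is an assumption of this example.

```python
import hashlib
import hmac
import os

WORDLIST = ["password", "letmein", "qwerty"]   # constructed sample list
ITERATIONS = 600_000                           # PBKDF2 work factor (assumption; tune per hardware)


def sha256_hex(password, salt=b""):
    return hashlib.sha256(salt + password.encode()).hexdigest()


# Simplified stand-in for a rainbow table: a hash -> password map computed
# once, in advance, for unsalted SHA-256.
PRECOMPUTED = {sha256_hex(w): w for w in WORDLIST}


def hash_password(password):
    """Create a storage record: per-user random salt plus a slow salted hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)   # constant-time comparison


def demo():
    salt = os.urandom(16)
    rec_a = hash_password("letmein")   # two users choosing the same password
    rec_b = hash_password("letmein")
    return {
        # Unsalted hash: one dictionary lookup returns the password.
        "unsalted_lookup": PRECOMPUTED.get(sha256_hex("letmein")),
        # Same password with a random salt: the precomputed table has no entry.
        "salted_lookup": PRECOMPUTED.get(sha256_hex("letmein", salt)),
        # Per-user salts also hide the fact that two users share a password.
        "records_differ": rec_a[1] != rec_b[1],
        "verify_ok": verify_password("letmein", *rec_a),
        "verify_wrong": verify_password("qwerty", *rec_a),
    }


if __name__ == "__main__":
    print(demo())
```

The salt is stored next to the digest in the clear; its job is to make every record require its own computation, not to stay secret.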
Spoofing
Spoofing means 'to deceive.' It's an attack technique where an attacker disguises their identity to access a system or steal information.
IP Spoofing
IP spoofing involves forging the source IP address in a packet to that of a trusted computer. It's used in DoS attacks or to bypass firewalls.
ARP Spoofing
This attack exploits a vulnerability in the ARP protocol used on local area networks (LANs). The attacker tricks devices by associating their own MAC address with the IP address of another device, allowing them to intercept all network traffic (a Man-in-the-Middle Attack).
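A detection sketch for the IP-to-MAC re-association described above, as an added example that is not part of the original guide. The input format (seconds, sender IP, sender MAC, one ARP reply per line), the addresses and the alert names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of ARP replies seen on one LAN segment:
# "<seconds> <sender IP> <sender MAC>"
SAMPLE = """\
0.0 192.168.1.1 aa:aa:aa:aa:aa:01
1.2 192.168.1.20 aa:aa:aa:aa:aa:20
5.0 192.168.1.1 aa:aa:aa:aa:aa:66
5.1 192.168.1.20 aa:aa:aa:aa:aa:66
9.0 192.168.1.30 aa:aa:aa:aa:aa:30
"""


def parse(text):
    """Yield (timestamp, ip, mac) tuples from the line format above."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip, mac = line.split()
        yield float(ts), ip, mac.lower()


def detect(observations):
    """Flag two symptoms of ARP spoofing:
    - an IP that is suddenly announced with a different MAC, and
    - a single MAC that claims more than one IP.
    The first binding seen for an IP is kept as the baseline, so repeated
    forged replies keep alerting instead of silently becoming the norm."""
    baseline = {}                    # ip -> first MAC seen for it
    mac_to_ips = defaultdict(set)    # mac -> every IP it has claimed
    alerts = []
    for ts, ip, mac in observations:
        known = baseline.setdefault(ip, mac)
        if known != mac:
            alerts.append((ts, "ip-mac-changed", ip, known, mac))
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append((ts, "mac-claims-multiple-ips", mac,
                           tuple(sorted(mac_to_ips[mac]))))
    return alerts


if __name__ == "__main__":
    for alert in detect(parse(SAMPLE)):
        print(alert)
```

Legitimate events such as a replaced network card, a DHCP reassignment or a failover address produce the same signals, so alerts need to be checked against known changes before being treated as an attack.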
Trojan Horse
A Trojan horse is software that appears to be a legitimate program (like a game or utility) but actually contains malicious code. When a user runs the program, the malicious code is installed on their system, leading to data theft, remote control, or other malicious activities.
ICMP Redirect Attack
The ICMP protocol is used for network error reporting and diagnostics. An ICMP Redirect message is used by a router to inform a host that there is a more efficient route available. An attacker can forge this message to redirect a victim's data packets through their own computer, allowing them to eavesdrop on the communication.
Sniffing, Sniffer, and Network Scanner
Sniffing
As the name implies, sniffing is the act of secretly eavesdropping on data packets traveling over a network. Unencrypted data (like IDs and passwords) is highly vulnerable to sniffing.
Sniffer
A sniffer is the hardware or software tool used to perform sniffing. Wireshark is a well-known example of a sniffer tool.
Network Scanner
A network scanner is a tool used to identify IP addresses, open ports, and running services on systems connected to a network. Attackers use it to identify vulnerabilities in a target, while administrators use it to check their security posture.
Practice Questions for Certification Exams
- Question: What is the attack technique that sequentially tries words from a dictionary, such as IDs or passwords, to discover a password?
- Question: What is the most definitive, albeit time-consuming, attack method that attempts every possible character combination to crack a password?
- Question: What is the attack technique that uses a large, precomputed table of hash values to crack a password?
- Question: What is the attack technique where an attacker forges the MAC address of a specific host to their own, intercepting packets from a victim to that host?
- Question: What is the type of malicious code that disguises itself as a legitimate program to infiltrate a system and then performs malicious actions like data theft or remote control?
- Question: What is the passive attack of secretly eavesdropping on unencrypted data packets traveling over a network?