Datasheet

Book IV
Chapter 1
Network Security
Terminology
Identifying Types of Attacks
When you are working as a network professional, educate your users
never to run a program that has been e-mailed to them. Most software
vendors, such as Microsoft, state that they will never e-mail a program
to a person. Instead, they will e-mail a URL, and it is up to the person to
go to the URL and download the update. A great book for finding out more
about the process a hacker employs to compromise a system is Kevin
Beaver’s Hacking For Dummies, 3rd edition (Wiley).
Network-based attacks
A network-based attack uses networking technologies or protocols to
perform the attack. Network-based attacks are some of the most popular
types of attacks today. The following explains the terminology associated
with seven important network-based attacks.
Ensure that you are familiar with the different types of network-based
attacks for the CCENT certification exam.
Password attacks
A password attack involves the hacker trying to figure out the passwords
for different accounts on a system, or a password that guards a device. The
three major types of password attacks are dictionary attack, hybrid attack,
and brute force attack.
With a dictionary attack, hackers use a program in conjunction with two text
files to automatically try a number of passwords.
✦ One text file contains the most popular user accounts — such as
administrator, admin, and root — found on networks. This file is termed
the user account text file.
✦ The second text file contains a list of all the words in the English
dictionary, and then some. Hackers can also obtain dictionary files for
different languages. This file is termed the dictionary text file or password
list file.
The dictionary attack program then tries to log in with every user account
in the user account text file with every word in the dictionary text file,
attempting to determine the password for the user account.
To protect against a dictionary attack, be sure to use strong passwords that
mix letters, numbers, and symbols. This prevents the passwords from being
found in the dictionary. Also, passwords are normally case sensitive, so be
sure to use a mix of both lowercase and uppercase characters. Mixing the
case of a password means a hacker not only has to guess the password but
also the combination of uppercase and lowercase characters.
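The advice above can be turned into a check that an administrator runs over proposed passwords. The following is an added example, not code from the book; the word list, the account data, and the function names are constructed for illustration.

```python
import string

# Constructed stand-in for the "dictionary text file" described above.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "monkey", "sunshine"}
# Account names the text lists as typical "user account text file" entries.
COMMON_ACCOUNTS = {"administrator", "admin", "root"}

# Character classes the text says a strong password should mix.
REQUIRED_CLASSES = [
    ("lowercase letter", string.ascii_lowercase),
    ("uppercase letter", string.ascii_uppercase),
    ("number", string.digits),
    ("symbol", string.punctuation),
]


def password_problems(password, dictionary=SAMPLE_DICTIONARY):
    """Return the reasons a password fails the advice (empty list = passes)."""
    problems = []
    # Compare case-insensitively so "Password" is treated like "password".
    if password.lower() in dictionary:
        problems.append("is a dictionary word")
    for label, alphabet in REQUIRED_CLASSES:
        if not any(ch in alphabet for ch in password):
            problems.append(f"has no {label}")
    return problems


def audit(accounts, dictionary=SAMPLE_DICTIONARY):
    """Map each failing account to its problems; flag well-known account names."""
    report = {}
    for user, password in accounts.items():
        problems = password_problems(password, dictionary)
        if problems and user.lower() in COMMON_ACCOUNTS:
            problems.append("account name is a common dictionary-attack target")
        if problems:
            report[user] = problems
    return report


if __name__ == "__main__":
    # Constructed sample accounts (hypothetical users and passwords).
    sample = {"admin": "dragon", "jsmith": "v9$Lq!x2Rt", "root": "Sunshine"}
    for user, problems in audit(sample).items():
        print(f"{user}: " + "; ".join(problems))
```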