From the network security threats – network sniffing

(1) the destination unreachable message

Source host to a target address them, send data in the routing table if router can’t find to change the destination address and its path at this time for the purpose of data, the address is unreachable, the router to source host returns ICMP destination unreachable, notice the time away interest communication can’t succeed.

(2) overtime news

In each IP data in baotou there is a “survival time field” instructions in abandoned in packets before the duration of the network. Each packet of time to keep online jump points, including a measure jumping point said to the destination node packets path of a router (gateway). When data report after the router forwards, survival time field value minus one. If a packet of survival time field value is 0, when the router will discard the packets and to source machine to send messages. Overtime

(3) back to show request and back to show a reply

With A host to host B transmit data, wants to know whether the activities Acer Extensa 5210 battery (B ‘boot and can realize connection >, this time the host A to B can send ICMP echoing news. If B is for the activities of the, the ICMP back to show A reply to back to answer. When A received this response news, is can confirm that B is the activity, and can finish into normal correspondence. Germinated PING is to realize the process. The host A and B is located in two network router R connected to the network. 1 and 2, the host network A hope and host B communication, will host the packet to B. The invaders won the network host 1 C access rights. This time by using network broadcasting mechanism, the invaders to Internet radio destination unreachable message, statement R connected network unreachable. This time will make network router and 2 not interrupt with R all network 1 and 2 of the communication network.

This exploits a host of the invasion, can make the network and service paralyzed. The TCP/IP protocol itself to network to attack the mechanism, in addition to the above mentioned destination unreachable attack, there DuoZhong method.

(3) network sniffing

This vocabulary is Sniffer, translation for Sniffer.

Sniffer work principle is to make mixed mode at this time in the network card work according to the character of Ethernet network card, to have received all packets, and no matter who is the receiver. Use of software for these received several according to processing, the extraction of valuable information, is typical of the monitoring network model.

We in the Internet, the data sent in is transferred to the cable before, in the network on the second floor of the will is divided into small pieces of data of the data according to certain format, plus the head and tail and other necessary control information, composition for frame.

Data is broken down into many frames and eventually sent to the network. In fact, the information on the cable is an a in transmission, the receiving party, after receiving again composition frame. Frame will eventually be restructured to transmit data.

The process of communication, is a decomposition and restructuring process. In a different part of the frame with HP NC6200 battery different function, Ethernet 12 bytes of storage before the source address and the destination address.

The frame is the computer by the network driver of composition, through the network card sent to electric cable. The receiver to the inverse of the opposite process.

In normal circumstances, network computer receives all data frames, but to the destination address is not their own data not any treatment.

If set to network card, make its work in the mixed mode, where you can capture network all of data.

Network sniffer is a very typical network attack mode, through this process, can monitor a capture network transmission on the account number and password and other confidential information.

On account of the capture and analysis, we can get control of the system, which launched the attack on the system.

(4) website can’t literally visit

Thanks to the Internet, install the openness of the website is a very easy thing, and at the same time, also does not have an Internet supervision agencies of the site’s information and according to the function of the responsibility for the negative. So, as the Internet site in the main was tapping cloth object and, at the same time, into an important tool to attack.

Use of the web site for information attack, basically has the following kinds:

(1) the site as a tool for information fraud, economic benefits “phishing” to this website is the attack mode is very appropriate description. The main purpose of the letter interest fraud is to get economic interests.

(2) using a web scripting holes to attack

In the web site’s pages script, deliberately embedded malicious code, through the script to browse the web site loopholes to attack.

(3) through the web site for the user privacy information

This way the most deceptive. Through some legal way, get the user’s privacy, information collected, used for illegal occasion.

(4) use of this website malicious plug-ins stay user system as plug-in technology development and mature, through the web site provides a malicious plug-ins. When the door, and at the same time in downloading the plugin’s system of the execution of the plugin and no limit of time, website can through the plugin operating in the client to realize malicious functions.

When you surf the Internet, be sure to note that has the following some characteristics of the web site:

(1) and famous website similar domain name, and special attention to in the English language (1) and 1 small write mother (Arabic numerals); , m and n, o (small letters) and 0 (the difference between the number of Arab word);

(2) provides the program or document download, but file extensions is 1 X2 not compression of the document. RAR ZIP or text format,;

(3) in the service before require the user to provide a lot of G560 battery sensitive information, if you don’t want the whole world to know your home phone number in ensuring that those information not be misused to carefully before;

(4) website provides a lot of links, and you don’t know the contents of these links;

(5) buying services or items, need you have paid in advance;

(6) required to provide your mobile phone number to use information or services, pay attention to the nets stood by mobile phone operator can be from your account directly deduct the expenses.

(5) the back door

Backdoor, the word is.

The back door? What?

In the attack from the Internet, the back door is refers to the invaders in order to more easily and hidden into attacked target computer or network through various means setting approach.

The attacker design the back door of the purpose is to intrusion system more convenient, the back door of common technology has the following some:

Comments are closed.