Apart from all that, whether behind the attack there is another motive or just wanting to test a site's defenses, this is very common, so to anticipate serious damage from hacker attacks, of course the opponent must also be equal. Is this worthy of being categorized as an operation by hackers or crackers, we are all confused, because hackers and crackers are sometimes misunderstood, and quite a few even consider both to be "Evil"..
Well... here the admin shares the 2 most dangerous types of hacker attacks and scary in the world according to the Computer Angel Forum..
(1) DoS (Denial Of Service)
DoS (Denial Of Service) DoS attacks (English: denial-of-service attacks') are a type of attack on a computer or server in the internet network by consuming the resources owned by the the computer until the computer cannot carry out its functions properly, thereby indirectly preventing other users from gaining access to services from the computer being attacked.
In a Denial of Service attack, the attacker will try to prevent a user's access to the system or network by using several methods, namely as follows: Flooding network traffic with a lot of data so that network traffic coming from registered users cannot enter. into the network system. This technique is called traffic flooding. Flooding the network with many requests for a network service that is blocked by a host so that requests coming from registered users cannot be served by that service.
This technique is called request flooding. Disrupt communications between a host and its registered clients using any means, including changing system configuration information or even physical destruction of components and servers. The initial form of Denial of Service attack was the SYN Flooding Attack, which first appeared in 1996 and exploited weaknesses in the Transmission Control Protocol (TCP) protocol. Other attacks are ultimately developed to exploit weaknesses in operating systems, network services or applications to make the system, network service or application unable to serve users, or even crash. ( Hacker News )
Several tools used to carry out DoS attacks were widely developed after that (some tools can even be obtained freely), including Bonk, LAND, Smurf, Snork, WinNuke, and Teardrop. However, attacks on TCP are DoS attacks that are often carried out. This is because other types of attacks (such as filling up hard disk space in the system, locking out a valid user account, or modifying the routing table in a router) require network penetration first, which has a small chance of penetration, especially if the network system has strengthened.
Some other examples of DoS Attacks are:
- Buffer Overflow attacks , sending data that exceeds system capacity, for example very large ICMP packets.
- SYN attack , sends TCP SYN data with spoofed addresses. Teardrop attack, sends IP packets with confusing offset values.
- Smurf attacks , send large volumes of ICMP packets with other host addresses. ICMP Flooding.
(2) Scanning and Cross Site Scripting
Scanning - is the activity of hackers or crackers to identify systems that are targets of attack and look for security gaps that will be used to penetrate a system. Scanning activities from the network side are very noisy and easy to spot, unless you use stealth scanning. The most famous scanning tool is nmap. Apart from that, there are also SuperScan and UltraScan which are widely used on Windows systems.
For prevention, scanner programs generally use SYN and ACK packets to detect security gaps in the system. Also by installing a firewall, such as Zone Alarm.
Cross Site Scripting - A cracker can exploit the exchange of cookies between the browser and the webserver. This facility can activate scripts that can change the appearance of the web. The danger is that this script can run malware and read important information such as passwords and credit card numbers.
Basically, crackers will exploit weaknesses in an application, such as CGI scripts that cannot check input or vulnerabilities in ISS RDS in showcode.asp that allow commands to be executed remotely.
Admin : Rina & Ema
Web Blog : Senior Kampus
%20Future%20Technology.jpg)
