JIMMA UNIVERSITY

JIMMA INSTITUE OF TECHNOLOGY

FACULTY OF ELECTRICAL AND COMPUTER ENGINEERING

COMPUTER AND NETWORK SECURITY

ASSIGNMENT-1

NAME: Seid Meki

ID.NO: 01785/05 ADD

Jimma, Ethiopia
December, 2020

1
 1) Computer Attack

What is attacks?

Attack mean a zombie of computer. More time a hacker use this attacking method to control a
personal or organizational sector computers. They created there hacking software or malicious
software and send those virus to a computer. Those viruses attacked our computer that we don’t
see there attacking system. The use on the hidden or inside in the server. Therefor we came
computer attacking means: the hackers want to steal a data, file, information from a computer
to their illegal trading system. There are different types of computer attacking we brief blow

Types of computer Attack

1. Malware

Is the collective name for a number of malicious software variants, including viruses, ransom
ware and spyware? Shorthand for malicious software, malware typically consists of code
developed by cyber attackers, designed to cause extensive damage to data and systems or to
gain unauthorized access to a network

2. Phishing

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text
message by someone posing as a legitimate institution to lure individuals into providing
sensitive data such as personally identifiable information, banking and credit card details, and
passwords.

3. DNS Tunnelling

This type of attacking is a cyber-attack that encodes the data of other programs or protocols in
DNS queries and responses. DNS tunnelling often includes data payloads that can be added to
an attacked DNS server and used to control a remote server and applications.

4. Zero-day Exploit

Zero-day attack is an unknown exploit in the wild that exposes a vulnerability in software or
hardware and can create complicated problems well before anyone realizes something is wrong.

2
 R
5. Root kits
o
ot
A rootkit is a collection of computer software, typically
ki malicious, designed to enable access
to a computer or an area of its software that is t: not otherwise allowed (for example, to an
unauthorized user) and often masks its existence or Wthe existence of other software.
h
6. Worms
at
A computer worm is a type of malware that spreads iscopies of itself from computer to computer.
a
A worm can replicate itself without any human interaction, and it does not need to attach itself
to a software program in order to cause damage. R
o
7. Denial server attack
ot
A Denial-of-Service (DoS) attack is an attack meant ki to shut down a machine or network,
t? accomplish this by flooding the target
making it inaccessible to its intended users. DoS attacks
with traffic, or sending it information that triggersRa crash.
o
ot
2) Network ki attack
t:
W
A network attack is an attempt to gain unauthorized h access to an organization's network, with
at
the objective of stealing data or perform other malicious activity. ... Passive: Attackers gain
Is information, but without making any
access to a network and can monitor or steal sensitive
a types of network attacks those are:
change to the data, leaving it intact. There are different
R
1. Botnet
o
A botnet is a number of Internet-connected devices, oteach of which is running one or more bots.
ki
Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send
spam, and allow the attacker to access the device andt, its connection.
S
2. Smurf attack c
a
This attack involves using IP spoofing and the ICMP to saturate a target network with traffic.
n
This attack method uses ICMP echo requests targeted n at broadcast IP addresses. These ICMP
requests originate from a spoofed “victim” address.er For instance, if the intended victim address
is 10.0.0.10, the attacker would spoof an ICMP echo s, request from 10.0.0.10 to the broadcast
D
3 et
e
ct
address 10.255.255.255. This request would go to all IPs in the range, with all the responses
going back to 10.0.0.10, overwhelming the network. This process is repeatable, and can be
automated to generate huge amounts of network congestion.

3. Ping of death attack

This type of attack uses IP packets to ‘ping a target system with an IP size over the maximum
of 65,535 bytes. IP packets of this size are not allowed, so attacker fragments the IP packet.
Once the target system reassembles the packet, it can experience buffer overflows and other
crashes.

Ping of death attacks can be blocked by using a firewall that will check fragmented IP packets
for maximum size

4. Session hijacking

In this type of MitM attack, an attacker hijacks a session between a trusted client and network
server. The attacking computer substitutes its IP address for the trusted client while the server
continues the session, believing it is communicating with the client. For instance, the attack
might unfold like this:

1. A client connects to a server.

2. The attacker’s computer gains control of the client.
3. The attacker’s computer disconnects the client from the server.
4. The attacker’s computer replaces the client’s IP address with its own IP address and
spoofs the client’s sequence numbers.
5. The attacker’s computer continues dialog with the server and the server believes it is
still communicating with the client.

5. IP Spoofing

IP spoofing is used by an attacker to convince a system that it is communicating with a known,

trusted entity and provide the attacker with access to the system. The attacker sends a packet
with the IP source address of a known, trusted host instead of its own IP source address to a
target host. The target host might accept the packet and act upon it.

4
 6. Phishing and spear phishing attacks

Phishing attack is the practice of sending emails that appear to be from trusted sources with the
goal of gaining personal information or influencing users to do something. It combines social
engineering and technical trickery. It could involve an attachment to an email that loads
malware onto your computer. It could also be a link to an illegitimate website that can trick
you into downloading malware or handing over your personal information.

7. Drive-by attack

Drive-by download attacks are a common method of spreading malware. Hackers look for
insecure websites and plant a malicious script into HTTP or PHP code on one of the pages.
This script might install malware directly onto the computer of someone who visits the site, or
it might re-direct the victim to a site controlled by the hackers. Drive-by downloads can happen
when visiting a website or viewing an email message or a pop-up window. Unlike many other
types of cyber security attacks, a drive-by doesn’t rely on a user to do anything to actively
enable the attack — you don’t have to click a download button or open a malicious email
attachment to become infected. A drive-by download can take advantage of an app, operating
system or web browser that contains security flaws due to unsuccessful updates or lack of
updates.

5
 3) Web attack

What is web and there attack?

Web is a software or programmable application that server that we use any kind of processing
using cloud. Attack is a zombie that attack those processing systems by getting an internet
protocol or from anywhere. There are different types of web attack, from those we see someone
below.

1) SQL Injection

SQL injection, also known as SQLI, the attackers inject malicious SQL scripts in to website
app to gain access to the database to store in the website server. Some common SQL injection
examples include: Retrieving hidden data, where you can modify an SQL query to return
additional results. Subverting application logic, where you can change a query to interfere with
the application's logic. UNION attacks, where you can retrieve data from different database

2) Denial of Service

This type of attacking is attacked the web server. The attackers sends an enormous amount to
our website or to hosting server to disrupt and even shutdown our system. It focus on server of
our web application and website ranting cloud servers. The cloud charged with an automated
server to share connection to any server. The denial-of-server attack is the same concept, except
that this time, the hackers gain illegal control over a millions of device to launch the attack on
the large scale. Different from the other attackers do not receive any direct benefit from the
denial-of service attacks. Many time this attacking system is targeted to attack an
organizational information and a hugest information stored centre.

3) Cross-site scripting,

Cross-site scripting is a type of security vulnerability typically found in web applications. XSS
attacks enable attackers to inject client-side scripts into web pages viewed by other users. A
cross-site scripting vulnerability may be used by attackers to bypass access controls such as the
same-origin policy.

4) Brute force attack

Brute Force attack is called password attack. This method is one of the simplest form of web
attacks. Because the attackers or hackers simply tries different combination of username and
password as repeatedly until it is login to user account and take the other password using valid

6
form. For a single computer it take more time but to multiple computer simply they login by
breaking method or by combination of username and password. Many hackers developed there
powerful software to hack.

5) LDAP injection attack

LDAP (Lightweight Directory Access Protocol) is an application software mostly used for
corporate intranets. Any one need to network to find the resource as sample device, file, as well
as username or password as part of single sign-on system. An LDAP injection attack allows
attackers to send queries without validation.

6) Using Components with Known Vulnerabilities

Modern software is not built as a monolith anymore – it always relies on an increasingly large
number of 3rd party components, frameworks, and open source libraries. Any known
vulnerabilities found in these dependencies can directly affect your own application as well!
Sometimes this will lead to other vulnerabilities on this list, such as injection, remote code
execution, or any other flaw that could allow attackers to access sensitive data or actions.

7) Security Misconfiguration

Servers and applications have a lot of moving parts that all need to be configured properly.
This applies at all levels of the application stack, from the operating system and network
devices up to the web server and the application itself.