The primary function of a proxy server is to act as an intermediary between the user's
device and the internet. This can provide a number of benefits, including:
Anonymity - Because the website only sees the proxy server's IP address, not the
user's device IP address, the user's identity is concealed.
Security - Proxy servers can act as a buffer between the user's device and the
internet, helping to protect against malware, viruses, and other types of attacks.
Access control - Proxy servers can be configured to block or allow certain types
of traffic, such as social media or streaming websites, providing organizations
with control over what their employees can access.
Types of Proxy Servers
There are several different types of proxy servers, including:
Forward Proxy - A forward proxy is a server that sits between a client and the
internet. The client sends a request to the forward proxy, which then sends the
request to the internet on behalf of the client.
Reverse Proxy - A reverse proxy is a server that sits between the internet and a
server. The reverse proxy receives requests from the internet and then forwards
those requests to the appropriate server.
Transparent Proxy - A transparent proxy is a proxy that does not modify the
request or response, but simply passes the traffic along. Transparent proxies are
often used in corporate environments to monitor and control access to the internet.
Anonymous Proxy - An anonymous proxy is a proxy that conceals the user's IP
address, providing an additional layer of privacy.
What are Anonymizers?
An anonymizer is a tool that is used to conceal a user's identity when accessing the
internet. Anonymizers work by hiding the user's IP address, making it difficult for
websites to track the user's online activity.
1. Anonymizers can provide users with a layer of privacy when accessing the
internet, helping to conceal their online activity from prying eyes.
2. Anonymizers can help protect users from malware, viruses, and other types of
attacks by creating an encrypted connection between the user's device and the
internet.
3. Anonymizers can be used to access content that may be blocked or restricted in
certain locations, such as geo-restricted content or websites that may be blocked
by government or institutional firewalls.
4. Anonymizers can help protect a user's identity and personal information from
being tracked and monitored by third parties, such as advertisers or hackers.
5. Anonymizers can also provide improved performance when browsing the internet,
as they can reduce load times for certain types of content and reduce bandwidth
usage.
Phishing
Phishing is a type of cyber attack. The name comes from “phish”,
meaning fish: just as bait is put out to trap a fish, phishing puts out bait
to trap the victim. It is an unethical way to dupe the user or victim into
clicking on harmful sites. The attacker crafts the harmful site in such a way that
the victim takes it for an authentic site and falls prey to it. The most
common mode of phishing is sending spam emails that appear to be authentic
and so take away the victim's credentials. The main motive of the
attacker behind phishing is to gain confidential information like
Password
Credit card details
Social security numbers
Date of birth
The attacker uses this information to further target the user and impersonate the
user and cause data theft. The most common type of phishing attack happens
through email. Phishing victims are tricked into revealing information that they
think should be kept private. The original logo of the email is used to make the
user believe that it is indeed the original email. But if we carefully look into the
details, we will find that the URL or web address is not authentic. Let’s
understand this concept with the help of an example:
In this example, most people believe it’s YouTube just by looking at the red
icon. So, thinking of YouTube as a secure platform, the users click on the
extension without being suspicious about it. But if we look carefully, we can
see the URL is supertube.com and not youtube.com. Secondly, YouTube never
asks to add extensions for watching any video. The third thing is the extension
name itself is weird enough to raise doubt about its credibility.
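The check described above (read the web address, not the logo) can be automated. This is an added example, not part of the original notes: it accepts a link only when its hostname is youtube.com or one of its subdomains. The function names and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only site we expect links to.
TRUSTED_DOMAINS = {"youtube.com"}

def is_trusted_url(url, trusted=TRUSTED_DOMAINS):
    """Return True only if the URL's hostname is a trusted domain or a
    subdomain of one. Logos, link text and path contents are ignored."""
    try:
        host = urlsplit(url).hostname  # strips scheme, user info and port
    except ValueError:
        return False                   # malformed URL: treat as untrusted
    if not host:
        return False                   # no hostname at all (e.g. no scheme)
    host = host.lower().rstrip(".")
    # Exact match, or a match on a whole-label suffix (".youtube.com").
    return any(host == d or host.endswith("." + d) for d in trusted)

# Constructed sample links. Only the first belongs to youtube.com; the
# others merely contain the trusted name somewhere in the address.
SAMPLE_URLS = [
    "https://www.youtube.com/watch?v=example",
    "http://supertube.com/add-extension",
    "https://youtube.com.supertube.com/watch",
    "https://youtube.com@supertube.com/watch",
    "https://notyoutube.com/watch",
    "supertube.com/youtube.com",
]

def classify(urls):
    """Map each URL to True (trusted host) or False (untrusted host)."""
    return {u: is_trusted_url(u) for u in urls}

if __name__ == "__main__":
    for url, ok in classify(SAMPLE_URLS).items():
        print("trusted  " if ok else "UNTRUSTED", url)
```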
How Does Phishing Occur?
Below are the ways through which Phishing generally occurs. A user who does
any of the things mentioned below can be exposed to Phishing
Attacks.
Clicking on an unknown file or attachment: Here, the attacker
deliberately sends a mysterious file to the victim. When the victim opens the
file, either malware is injected into his system or it prompts the user to enter
confidential data.
Using an open or free wifi hotspot: This is a very simple way to get
confidential information from the user by luring him by giving him free wifi.
The wifi owner can control the user’s data without the user knowing it.
Responding to social media requests: This commonly includes social
engineering. Accepting unknown friend requests and then, by mistake,
leaking secret data is the most common mistake made by naive users.
Clicking on unauthenticated links or ads: Unauthenticated links are
deliberately crafted to lead to a phished website that tricks the user
into typing confidential data.
Types of Phishing Attacks
There are several types of Phishing Attacks, some of them are mentioned below.
Below mentioned attacks are very common and mostly used by the attackers.
Email Phishing: The most common type where users are tricked into
clicking unverified spam emails and leaking secret data. Hackers
impersonate a legitimate identity and send emails to mass victims.
Generally, the goal of the attacker is to get personal details like bank details,
credit card numbers, user IDs, and passwords of any online shopping
website, installing malware, etc. After getting the personal information, they
use this information to steal money from the user’s account or harm the
target system, etc.
Spear Phishing: In a spear phishing attack, a particular
user (organization or individual) is targeted. In this method, the attacker first
gets the full information of the target and then sends malicious emails to
his/her inbox to trap him into typing confidential data. For example, the
attacker targets someone (let’s assume an employee from the finance
department of some organization). Then the attacker pretends to be the
manager of that employee and requests personal information or
the transfer of a large sum of money. It is the most successful attack.
Whaling: Whaling is just like spear phishing, but the main target is the head
of the company, like the CEO, CFO, etc. A high-pressure email is sent to such
executives so that they don’t have much time to think, therefore falling prey
to phishing.
Smishing: In this type of phishing attack, the medium of phishing attack is
SMS. Smishing works similarly to email phishing. SMS texts are sent to
victims containing links to phished websites or invite the victims to call a
phone number or to contact the sender using the given email. The victim is
then invited to enter their personal information like bank details, credit card
information, user id/ password, etc. Then using this information the attacker
harms the victim.
Vishing: Vishing is also known as voice phishing. In this method, the
attacker calls the victim using modern caller id spoofing to convince the
victim that the call is from a trusted source. Attackers also use IVR to make
it difficult for legal authorities to trace the attacker. It is generally used to
steal credit card numbers or confidential data from the victim.
Clone Phishing: In this type of phishing attack, the attacker
copies the email messages that were sent from a trusted source and then
alters the information by adding a link that redirects the victim to a malicious
or fake website. The attacker then sends this mail to a larger number of users
and waits to see who clicks on the attachment that was sent in the
email. It spreads through the contacts of the user who has clicked on the
attachment.
Impact of Phishing
These are the impacts on a user affected by Phishing Attacks. Each
person is impacted differently by a Phishing Attack, but these are
some of the common impacts that happen to the majority of people.
Financial Loss: Phishing attacks often target financial information, such as
credit card numbers and bank account login credentials. This information
can be used to steal money or make unauthorized purchases, leading to
significant financial losses.
Identity Theft: Phishing attacks can also steal personal information, such
as Social Security numbers and date of birth, which can be used to steal an
individual’s identity and cause long-term harm.
Damage to Reputation: Organizations that fall victim to phishing attacks
can suffer damage to their reputation, as customers and clients may lose trust
in the company’s ability to protect their information.
Disruption to Business Operations: Phishing attacks can also cause
significant disruption to business operations, as employees may have their
email accounts or computers compromised, leading to lost productivity and
data.
Spread of Malware: Phishing attacks often use attachments or links to
deliver malware, which can infect a victim’s computer or network and cause
further harm.
Password cracking
Password cracking is one of the essential phases of the hacking framework.
Password cracking is a way to recover passwords from the information
stored or sent by a PC or mainframe. The purpose of password cracking
may be to help a user recover from a failed authentication or recover a
password, to serve as a preventive measure by system administrators checking for
easily cracked weak passwords, or to let an attacker gain
unauthorized system access.
Types of Password Attacks :
Password cracking is frequently abused regardless of the legal aspects, although
it also serves to protect against unauthorized system access, for instance by
recovering a password the user had forgotten. The attack depends on the attacker's
activities, which are ordinarily one of four types:
1. Non-Electronic Attacks –
This is most likely the attacker’s first resort for acquiring the target system
password. These sorts of password cracking attacks don’t need any
technical skill or knowledge of hacking or exploitation of systems,
hence the name non-electronic attack. A few techniques used for
carrying out these sorts of attacks are social engineering, dumpster diving,
shoulder surfing, and so forth.
2. Active Online Attacks –
This is perhaps the most straightforward way to gain unauthorized
administrator-level system access. To crack the passwords, the attacker needs to
communicate with the target machines, as this is required for
password access. A few techniques used for carrying out these sorts of attacks
are dictionary attacks, brute-forcing, password guessing, hash injection,
phishing, LLMNR/NBT-NS poisoning, use of
Trojans/spyware/keyloggers, and so forth.
3. Passive Online Attacks –
A passive attack is a systematic attack that doesn’t bring about a change
to the system in any way. In these sorts of attacks, the attacker doesn’t
have to interact with the system. Instead, he/she passively monitors
or records the data passing over the communication channel to and from the
system. The attacker then uses the critical data to break into the system.
Techniques used to perform passive online attacks include replay attacks,
wire-sniffing, man-in-the-middle attacks, and so on.
4. Offline Attacks –
Offline attacks are password attacks where an attacker attempts
to recover cleartext passwords from a password hash dump. These
sorts of attacks are often time-consuming yet can be successful, as password hashes
can be reversed due to their smaller keyspace and shorter
length. Attackers use precomputed hashes from rainbow tables to
perform offline and distributed network attacks.
Some of the best practices for protecting against password cracking include:
1. Perform information security audits to monitor and track password attacks.
2. Do not reuse the same password during a password change.
3. Do not share passwords.
4. Do not use passwords that can be found in a
dictionary.
5. Do not use cleartext protocols or protocols with weak
encryption.
6. Set the password change policy to 30 days.
7. Do not store passwords in an unsecured location.
8. Do not use any system's default passwords.
9. Unpatched computers can reset passwords during buffer overflow or Denial of
Service attacks. Keep the system updated.
10. Enable account lockout with a specific number of attempts, counter
time, and lockout duration. One of the best ways to manage passwords in
organizations is to set up an automated password reset.
11. Ensure that the computer or server’s BIOS is protected with a password,
particularly on devices that are exposed to physical threats, for instance,
servers and PCs.
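Item 10 names three settings: a number of attempts, a counter time, and a lockout duration. The following added example (not from the original notes) shows how the three interact; the class and function names, the chosen values and the login events are constructed for illustration.

```python
from collections import defaultdict, deque

class AccountLockout:
    """Lockout policy with the three settings named in item 10.

    threshold        - failed attempts that trigger a lockout
    counter_window   - seconds over which failures are counted
    lockout_duration - seconds the account stays locked
    """

    def __init__(self, threshold, counter_window, lockout_duration):
        self.threshold = threshold
        self.counter_window = counter_window
        self.lockout_duration = lockout_duration
        self._failures = defaultdict(deque)   # user -> recent failure times
        self._locked_until = {}               # user -> unlock time

    def is_locked(self, user, now):
        until = self._locked_until.get(user)
        if until is not None and now >= until:
            del self._locked_until[user]      # lockout has expired
            until = None
        return until is not None

    def attempt(self, user, password_ok, now):
        """Record one login attempt; return 'ok', 'failed' or 'locked'."""
        if self.is_locked(user, now):
            return "locked"                   # refused even if password is right
        if password_ok:
            self._failures.pop(user, None)    # success resets the counter
            return "ok"
        recent = self._failures[user]
        recent.append(now)
        while now - recent[0] > self.counter_window:
            recent.popleft()                  # forget failures outside the window
        if len(recent) >= self.threshold:
            self._locked_until[user] = now + self.lockout_duration
            recent.clear()
        return "failed"

# Constructed events: (time in seconds, user, password correct?)
EVENTS = [
    (0, "alice", False), (10, "alice", False), (20, "alice", False),
    (100, "alice", True),    # correct password, but account is locked
    (320, "alice", True),    # lockout (20 + 300) has expired
    (0, "bob", False), (50, "bob", False), (120, "bob", False),
    (130, "bob", True),      # never 3 failures inside one 60 s window
]

def replay(events, threshold=3, counter_window=60, lockout_duration=300):
    policy = AccountLockout(threshold, counter_window, lockout_duration)
    return [policy.attempt(user, ok, t) for t, user, ok in events]

if __name__ == "__main__":
    for event, result in zip(EVENTS, replay(EVENTS)):
        print(event, "->", result)
```

The lockout duration is finite on purpose: a permanent lockout would let anyone who can submit wrong passwords deny the real user access.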
Keyloggers
Keyloggers are a favorite tool of many hackers and script kiddies. Keylogging is
a method that was first devised back in the year 1983. Back then, the
use of this software was uncommon and only the top research
organizations and spies could get their hands on it, yet today it is a common
feature offered by most spy applications like TheOneSpy.
People use it as a means to ensure the protection of their families,
organizations, and the ones they care about.
A keylogger is software that records each and every keystroke you enter,
including mouse clicks. Hardware keyloggers are also available, which are
inserted between the keyboard and the CPU. It provides the following features:
1. It takes a minute to install this software/hardware in the victim’s system;
from the next second onwards the attacker will get every activity going on in
the victim's computer.
2. Each and every activity happening in the victim’s system will be recorded,
with screenshots. This activity will be saved in the victim’s system, or it can
be mailed to the attacker's email or uploaded to an FTP server.
Wondered? Let’s see how attackers do this along with protection techniques.
3. The keylogging feature of spy applications is capable of recording each and
every keystroke made using a keyboard, even if it is an
on-screen keyboard.
4. It also takes a screenshot of the screen when the user is typing
(usually this screenshot is taken when a button on the mouse is clicked).
5. It works discreetly, hidden from the user’s view; the targeted
user would never find out that all his keystrokes are being recorded.
6. Keyloggers can record texts, emails, and any information you
type whenever you use your keyboard.
7. The log file created by the keylogger can then be
sent to a predefined recipient.
8. Some keylogger programs will also record any email addresses you use
and website URLs you visit.
Some software keyloggers can capture additional information without
requiring any keyboard key presses as input. They include:
1. Clipboard logging: Anything copied to the clipboard is captured.
2. Screen logging: Randomly timed screenshots of your PC are
logged.
3. Control text capture: The Windows API allows programs to request
the text value of some controls, which means a password can still be captured
even if it is behind a password mask.
4. Activity tracking: Recording of which programs, folders, and windows are
opened and also the screenshots of every.
5. Recording of program queries, instant message conversations, FTP
downloads alongside the other internet activities.
Types Of Keylogger
Backdoors allow the attackers to quietly get into the system by deceiving the security
protocols and gain administrative access. It is similar to the real-life robbery in which
burglars take advantage of the loopholes in a house and get a 'backdoor' entry for
conducting the theft.
After gaining high-level administrative privilege, the cyber attackers could perform various
horrendous tasks like injecting spyware, gaining remote access, hacking the device, stealing
sensitive information, encrypting the system through ransomware, and many more.
Backdoors are originally meant for helping software developers and testers, so they are not
always bad.
Types of Backdoor
As mentioned, Backdoors are not always malicious. Here are the two types of Backdoors
as per their intentions.
Administrative Backdoor
Sometimes software developers intentionally leave a backdoor in the program so that in
case of any failure or error, they can easily reach the core of the software's code and quickly
solve the issue. Such Backdoors are called Administrative Backdoors. These deliberate
Backdoors can also help the software testers to test the code.
Though such Backdoors are only known to the developers, a skillful hacker can take
advantage of it and silently use it for his benefit. So Administrative Backdoor can be called
a type of loophole in the program.
Malicious Backdoor
Malicious Backdoors are the backdoors installed on the system by cybercriminals
using malware programs like a Remote Access Trojan (RAT). These are
specifically designed for taking control of the system or network and conducting
malicious tasks. A RAT is a malware program that can reach the root of the system and
install the backdoor. A RAT is generally spread through a malicious program.
It might be evident by now what havoc a software backdoor can create, even if it is
meant for the rightful purposes. Here is the list of the malicious purposes a backdoor
can be used for:
Cryptojackers can use the backdoor to infiltrate your system and conduct crypto
mining.
Using backdoors, hackers can modify sensitive system settings like Administrative
passwords and others.
Backdoors can help cyber attackers to use your internet connection remotely for uploading
and downloading.
Attackers can also install and run some specific applications or tasks with the help of
Backdoors.
A distributed denial-of-service (DDoS) attack is a type of DoS attack that comes from
many distributed sources, such as a botnet DDoS attack.
The primary focus of a DoS attack is to oversaturate the capacity of a targeted machine,
resulting in denial-of-service to additional requests. The multiple attack vectors of DoS
attacks can be grouped by their similarities.
Buffer overflow attacks: An attack type in which a memory buffer overflow can
cause a machine to consume all available hard disk space, memory, or CPU time.
This form of exploit often results in sluggish behavior, system crashes, or other
deleterious server behaviors, resulting in denial-of-service.
Flood attacks: By saturating a targeted server with an overwhelming amount of
packets, a malicious actor is able to oversaturate server capacity, resulting in denial-
of-service. In order for most DoS flood attacks to be successful, the malicious actor
must have more available bandwidth than the target.
DoS | DDoS
In a DoS attack, a single system targets the victim system. | In a DDoS attack, multiple systems attack the victim's system.
The victim PC is loaded with packets of data sent from a single location. | The victim PC is loaded with packets of data sent from multiple locations.
In a DoS attack, only a single device is used with DoS attack tools. | In a DDoS attack, bots are used to attack at the same time.
DoS attacks are easy to trace. | DDoS attacks are difficult to trace.
SQL injection
SQL injection is a technique used to extract user data by injecting SQL
statements through web page inputs. Basically, malicious users can
use these statements to manipulate the application’s web server.
1. SQL injection is a code injection technique that can compromise your
database.
2. SQL injection is one of the most common web hacking techniques.
3. SQL injection is the injection of malicious code into SQL statements via
web page input.
The Exploitation of SQL Injection in Web
Applications
Web servers communicate with database servers anytime they need to retrieve
or store user data. SQL statements by the attacker are designed so that they can
be executed while the web server is fetching content from the application
server. It compromises the security of a web application.
Now, this 1=1 will return all records for which this holds true. So basically, all
the student data is compromised. Now the malicious user can also delete the
student records in a similar fashion. Consider the following SQL query.
Query:
SELECT * FROM USER WHERE
USERNAME = "" AND PASSWORD = "";
Now the malicious user can use the ‘=’ operator in a clever manner to retrieve private
and secure user information. So instead of the above-mentioned query, the
following query, when executed, retrieves protected data not intended to be
shown to users.
Query:
SELECT * FROM USER WHERE
(USERNAME = "" OR 1=1) AND
(PASSWORD = "" OR 1=1);
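The difference between the two queries above comes down to how the application builds its SQL text. This added example (not from the original notes) runs the same always-true input against a login check built by string pasting and against one using bound parameters. The function names, the sample rows and the use of an in-memory SQLite database are assumptions made for illustration.

```python
import sqlite3

# Constructed input: an always-true condition like the "or 1=1" above,
# typed into both the username and the password field.
TAUTOLOGY = "' OR '1'='1"

def make_db():
    """In-memory database with two constructed rows. Plaintext passwords
    are used only to mirror the query above; real systems store hashes."""
    db = sqlite3.connect(":memory:")
    db.execute('CREATE TABLE "USER" (USERNAME TEXT, PASSWORD TEXT)')
    db.executemany('INSERT INTO "USER" VALUES (?, ?)',
                   [("alice", "s3cret-A"), ("bob", "s3cret-B")])
    return db

def login_vulnerable(db, username, password):
    """Weak form: user input is pasted into the SQL text, so quotes in
    the input change the structure of the WHERE clause."""
    query = ("SELECT USERNAME FROM \"USER\" "
             "WHERE USERNAME = '%s' AND PASSWORD = '%s'" % (username, password))
    return db.execute(query).fetchall()

def login_safe(db, username, password):
    """Corrected form: the SQL text is fixed and the input is bound as
    data, so it is only ever compared as a literal string."""
    query = 'SELECT USERNAME FROM "USER" WHERE USERNAME = ? AND PASSWORD = ?'
    return db.execute(query, (username, password)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print("pasted input:", login_vulnerable(db, TAUTOLOGY, TAUTOLOGY))
    print("bound input: ", login_safe(db, TAUTOLOGY, TAUTOLOGY))
    print("valid login: ", login_safe(db, "alice", "s3cret-A"))
```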
The software error focuses on buffers, which are sequential sections of computing
memory that hold data temporarily as it is transferred between locations. Also known
as a buffer overrun, buffer overflow occurs when the amount of data in the buffer
exceeds its storage capacity. That extra data overflows into adjacent memory
locations and corrupts or overwrites the data in those locations.
A buffer overflow attack takes place when an attacker manipulates the coding error
to carry out malicious actions and compromise the affected system. The attacker
alters the application’s execution path and overwrites elements of its memory, which
amends the program’s execution path to damage existing files or expose data.
1. System crashes: A buffer overflow attack will typically lead to the system
crashing. It may also result in a lack of availability and programs being put
into an infinite loop.
2. Access control loss: A buffer overflow attack will often involve the use of
arbitrary code, which is often outside the scope of programs’ security policies.
3. Further security issues: When a buffer overflow attack results in arbitrary
code execution, the attacker may use it to exploit other vulnerabilities and
subvert other security services.