Professional Documents
Culture Documents
Phases of Hacking ( 3 )
CCSIT – King Faisal University
Dr. Ahmed Alyahya
Textbook
Phases of Hacking
HTTP ( HyperText Transfer Protocol )
Hypertext Transfer Protocol (HTTP) is a method for encoding and transporting information between a
client (such as a web browser) and a web server. HTTP is the primary protocol for transmission of
information across the Internet.
How Works ?
Request Line Method (GET, POST) , Path to the page (index.html) , Http version (http/1.1)
http request
General Headers Date and Time of http request
www.google.com IP ?
Request Headers http request
Host (www.google.com) , Browser (Chrome 112.0.5615.49)
80
Web Server
http response
Status Line
Information
General Headers
http Success
Response Headers name
response
and version that house the Redirection
domain ( e.g., Apache/2.4.57)
Client Error
Message Body
Server Error
HTTP vs HTTPS
DNS
DNS (Domain Name System) is the system that translates an Internet or Host name (that is
easier for people to remember) to an IP address.
Prevention : If you receive a flood of DNS reply messages from a particular server, you can add
rules to your firewall (Blocking).
Man in the Middle (MITM) attack
In a MiTM attack, the attacker fools you or your computer into connecting to their computer.
They make you or your computer believe that they are the server. Then, they connect to the
server pretending to be you and relay all the information both ways.
Man in the Middle (MITM) attack
IP spoofing
- Masquerading as a someone else using their IP address.
DNS spoofing
- Trick users into visiting malicious websites thinking they are legitimate.
Example :
- Overloading web or database servers through bogus requests.
DOS and DDOS
- Financial loss.
- Reputational damage.
Protection against DDoS attacks.
- IP Blacklisting : Check the suspicious IPs and add them to your firewall rules in order to
block them.
Questions