Reconnaissance Attacks

Posted: 31st July 2020 by ccna7guru in ITN
Tags: , ,

In addition to malicious code attacks, it is also possible for networks to fall prey to various network attacks. Network attacks can be classified into three major categories:

  • Reconnaissance attacks – The discovery and mapping of systems, services, or vulnerabilities.
  • Access attacks – The unauthorized manipulation of data, system access, or user privileges.
  • Denial of service – The disabling or corruption of networks, systems, or services.

For reconnaissance attacks, external threat actors can use internet tools, such as the nslookup and whois utilities, to easily determine the IP address space assigned to a given corporation or entity. After the IP address space is determined, a threat actor can then ping the publicly available IP addresses to identify the addresses that are active. To help automate this step, a threat actor may use a ping sweep tool, such as fping or gping. This systematically pings all network addresses in a given range or subnet. This is similar to going through a section of a telephone book and calling each number to see who answers.