
What type of attacks or intrusions are currently used on the Internet?

Information applies to:

Products
Panda GateDefender Integra 100
Panda GateDefender Integra 300

Below you will find a list of the attacks that are currently carried out across the Internet, with a brief explanation of each one and the vulnerabilities they exploit.

  • Sniffing: This involves listening to the data on the Internet, without interfering with the connection. It is principally used to obtain passwords, and on other occasions confidential information. In order to protect passwords against sniffing, authentication and encryption are needed.
  • Spoofing: This is the name given to attempts by attackers to access a system by passing themselves off as another with sufficient privileges to make the connection. With respect to TCP connections, the most common type of attack is sequence number guessing. This method is based on the idea that if an attacker can predict the initial sequence number of a TCP connection generated by the target computer, the attacker can then adopt the identity of the trusted computer.
  • Hijacking: This method is based on stealing the connection once the user has successfully identified themselves on the system. The computer from which the attack is launched must be at one of the extremes of the connection, or at least on the route between both of them. Encryption is the only secure method to protect against this type of attack.
  • Social Engineering: These are attacks that exploit the gullibility of users. One such example is as follows: a mail is sent from the “root” sender to a user on a large academic network (where users frequently do not know the administrator), with the message “please change your password to alabama1”. The attacker then waits a while, and enters with this password. From then on, other attack techniques can be used (security holes in the system to take complete control of the computer, trust transitivity to enter other network computers, etc.). To combat this type of attack, the best defense is to educate users about things they should never do, and what information should not be given out, other than to the administrator in person.
  • Exploiting software holes: Exploitation of errors in software applications. Numerous programs operate with too many privileges, making them susceptible to attack; all that is needed is to make a copy of the software and subject it to a series of tests to detect a vulnerability that can be exploited.
  • Trust transitivity: Unix systems include the concept of trust between hosts and users. A system is said to be trusted by another when from the first one, any user can establish connection with the second without needing a password. A system user is said to be trusted by another system when this user, from the first system, can establish connection with the second without needing a password. In this way, any attacker that can take control of a computer can probably connect to another thanks to the trust system between hosts and/or users.
  • Data driven attacks: These are attacks that take place without active participation by the attacker when they occur. The attacker sends the victim a series of data which when interpreted, executes the attack itself.
  • Trojan/Trojan horse: This is a program made to look like something else, often with the objective of gaining access to an account or executing commands with the privileges of other users.
  • Denial of Service attack (DoS): These attacks are aimed at preventing legitimate users from using compromised systems. A typical case is mail bombing, sending a huge amount of mail to a system until it is saturated. As it is almost impossible to prevent denial of service attacks, the most important thing to do is to configure services so that if one is saturated, the rest will function until the problem is found and resolved.
  • Source routing: IP packets optionally allow source routing, with the person that initiates the TCP connection being able to explicitly specify the route. The target computer must use the inverse of this route as a return route, and therefore an attacker can pass himself off as any computer that the target trusts (forcing the route to the real computer to go through that of the attacker). Given that source routing is rarely used, the easiest way to protect against this is to disable it in the router.
  • Password guessing: A high percentage of intrusions in systems is due to failures in the password system. The most common failure is a bad choice of passwords by users. These attacks normally take one of two basic forms. The first consists of trying to enter using known or assumed login-password pairs (many operating systems have administrator accounts with default passwords which, although not described in system manuals, are well-known to attackers). The second way in which hackers obtain passwords is through the use of crackers (programs that compare a dictionary of terms against files of stolen passwords). To protect against these attacks it is vital to educate users on how to choose a password and how to keep password files safe.
  • ICMP redirect and destination unreachable: Many ICMP messages received in a host are specific to a particular connection or are triggered by a packet sent by this host. The intention is to limit the scope of the changes dictated by ICMP. Unfortunately, old implementations of ICMP do not use this extra information, and when one of these messages arrives, all connections between the two hosts taking part in the connection that generated the messages will be affected. In addition, with the redirect option, someone can alter the route to the target in order to reroute the connection they are interested in through their computer. The redirect messages must only be obeyed by hosts, and not routers, and only when they come from a router in a directly connected network.
  • Tempest: Electrons on a computer screen emit signals which can be captured even several kilometers away. Tempest technology is able to reconstruct, from captured signals, the image displayed on the screen that caused the signals. This technology is still highly expensive and for the moment is not a problem to be concerned about.
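
For the trust transitivity entry above, an audit sketch that measures how far host trust extends from one machine. This is an added example, not part of the original article; the host names and file contents are constructed, and the parser handles only plain host entries and the lone "+" wildcard.

```python
from collections import deque

# Constructed sample: /etc/hosts.equiv contents collected from four
# hypothetical hosts (names are assumptions made for this example).
HOSTS_EQUIV = {
    "web01": "# build box may log in\nbuild01\n",
    "db01": "web01\n",
    "backup01": "db01\n+\n",  # a lone "+" trusts every host
    "build01": "",
}

def parse_hosts_equiv(text):
    """Return (trusted_hosts, trusts_everyone) for one hosts.equiv file.

    Simplification: the optional user field is ignored, and denial
    entries ("-host") and netgroups ("+@group") are skipped.
    """
    trusted, wildcard = set(), False
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        host = line.split()[0]
        if host == "+":
            wildcard = True
        elif host.startswith(("-", "+@")):
            continue
        else:
            trusted.add(host.lstrip("+"))
    return trusted, wildcard

def reachable_without_password(files, start):
    """Hosts that accept password-less logins, directly or through a
    chain of trusting hosts, once `start` is under someone's control."""
    parsed = {host: parse_hosts_equiv(text) for host, text in files.items()}
    seen, queue = {start}, deque([start])
    while queue:
        src = queue.popleft()
        for dst, (trusted, wildcard) in parsed.items():
            if dst not in seen and (wildcard or src in trusted):
                seen.add(dst)
                queue.append(dst)
    return sorted(seen - {start})
```

Running `reachable_without_password(HOSTS_EQUIV, "build01")` lists every other host, although only `web01` names `build01` directly; removing the `+` line and the chained entries is what shrinks that set.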
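
For the source routing entry above, the check a filtering device performs before dropping such traffic: walking the IPv4 header options and flagging the loose and strict source route options. This is an added example, not part of the original article or of any Panda product; the function names and the sample packets (documentation addresses, zero checksum) are constructed.

```python
LSRR, SSRR = 131, 137  # loose / strict source and record route option types
EOL, NOP = 0, 1        # single-byte options: end of list, no-operation

def source_route_option(packet: bytes):
    """Return "LSRR", "SSRR" or None for a raw IPv4 packet.

    Raises ValueError on a truncated or malformed header, which a
    filter should treat as a reason to drop the packet as well.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or ihl > len(packet):
        raise ValueError("bad header length")
    opts, i = packet[20:ihl], 0
    while i < len(opts):
        kind = opts[i]
        if kind == EOL:
            break
        if kind == NOP:
            i += 1
            continue
        # Every other option carries a length byte covering type+length+data.
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed option")
        if kind == LSRR:
            return "LSRR"
        if kind == SSRR:
            return "SSRR"
        i += opts[i + 1]
    return None

def build_header(options: bytes = b"") -> bytes:
    """Constructed sample input: a bare IPv4 header carrying `options`."""
    options += b"\x00" * (-len(options) % 4)   # pad to a 32-bit boundary
    ihl = 5 + len(options) // 4
    return (bytes([0x40 | ihl, 0]) + (20 + len(options)).to_bytes(2, "big")
            + bytes(4)                          # identification, flags, offset
            + bytes([64, 6, 0, 0])              # TTL, protocol TCP, checksum 0
            + bytes([192, 0, 2, 1]) + bytes([198, 51, 100, 7]) + options)

# Constructed options: type, length, pointer, one 4-byte hop address.
LOOSE = bytes([LSRR, 7, 4, 203, 0, 113, 9])
STRICT = bytes([NOP, SSRR, 7, 4, 203, 0, 113, 9])
```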
Help nº- 20070702 31443 EN
