Although as the saying goes, "Trendy", the victims in the network attack are often some small and medium local area networks. Because their network security defense and counterattacks are relatively poor, so in all kinds of rivers and lakes, they always become "people" or "knife" of the killing killing. As the saying goes, "know yourself know each other, a hundred battles," here simple list, give you a wake up, especially the network management in "Novice".
Stealing the password
We know that services that are used to steal passwords include FTP, TFTP, Mail System, Finger and Telnet, and more. In other words, if the system administrator is not careful or not lucky when choosing a host system, the attacker should steal the password file will be easy, so the means of preventing the use of software should be very cautious, everyone must Remember: The bad guy is enough to use success once.
Defect and back door
In fact, there is no perfect code, perhaps the system's somewhere is latency or the back door is waiting for people, and the difference is just who will find it first. Only the correctness of the input information is checked from all aspects, or can avoid these defects from all aspects. For example, if the program has a fixed-size buffer, no matter what type, must ensure that it does not overflow; if you use dynamic memory allocation, you must prepare for the exhaustion of the memory or file system, and remember the recovery policy. Memory and disk space are also required.
Identification failed
Even a perfect mechanism will be broken in some specific circumstances. For example, the verification of the source address may be performed under certain conditions (such as firewall filtering forged packets), but hackers can retransmit a request with program portmapper. In this case, the server is ultimately spoofed, and the message surface originated locally, but it originated elsewhere.
Agreement failed
The game for finding the protocol vulnerability has always been in a hacker, especially in the field of cryptography. Sometimes because the password generator has made mistakes, it is too clear and simple. More situations are caused by different assumptions, and the correctness of the password exchange is difficult.
Information leakage
Most of the agreements will leak some information. Gao Ming hacker does not need to know which computers in your LAN, as long as they can find hidden hosts and interested services via address space and port scanning. The best defense method is a high-performance firewall. If hackers cannot send packets to each machine, the machine is not easily invaded.
Reject service
Some people like to thorns someone else's tires, and some people like to have doodles on the wall, and some people especially like to make people's machines. Many network attackers are uncomfortable to this kind of behavior that is unfavorable. This kind of confusion is a variety of behaviors, but it is almost the same, that is, I want to exhaust your resources, so that your computer system is paralyzed. Although proactive filtration can protect you in a certain extent, this attack is not easy to identify, it is often unfair.
Maybe you have also encountered other attack methods, we can't listed here, in turn, in turn: the road to the network, step by step.
