About network attacks, detection and prevention – part 001.

Because I have met various people, users and admins, who have trouble understanding some network tools, I will briefly present a small tutorial about common network attacks.
Basic theory
DoS attacks – a denial-of-service attack usually sends a lot of traffic to the victim machine to consume its resources, so that legitimate users are not able to access its services.
Ping flood – this attack sends a huge number of ping packets with the packet size as big as possible. In Windows, you can specify the data/buffer size too.
MAC flooding – with this attack the attacker transmits a lot of ARP packets to fill up the switch’s CAM table, which means that the switch will broadcast incoming packets to all the ports.
ARP spoofing – in this case the attacker associates their MAC address with the victim’s IP address by sending a specially crafted ARP frame.
Tools for simulating the attacks
Any networking software that does sniffing and detection can be detected by servers.
– Hackers use Kali, a Debian-based Linux distro (it contains a lot of tools).
– Ping flooding tool: Nping
– MAC flooding tool: Macof
– ARP spoofing tool: dSniff
Detection and prevention
Any network attack, real or simulated, can be detected by hardware and software.
You can also use Wireshark to detect the attacks.
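As an added example (not code from the original post), the checks below show what to look for in a capture for each of the three attacks described under Basic theory: one IP address claimed by more than one MAC in ARP replies, a burst of ping requests from one host, and a burst of never-seen source MAC addresses. The record layout, the sample packets and both thresholds are assumptions made for the illustration.

```python
from collections import defaultdict

def sample_capture():
    """Constructed records (time in s, kind, source MAC, source IP); not real traffic."""
    pkts = [(0.10, "arp-reply", "aa:aa:aa:00:00:01", "192.0.2.1"),
            (0.90, "arp-reply", "cc:cc:cc:00:00:09", "192.0.2.1"),  # second MAC claims same IP
            (1.00, "icmp-echo", "aa:aa:aa:00:00:02", "192.0.2.20")]  # a single normal ping
    # 300 echo requests from one host inside one second
    pkts += [(2.0 + i / 400, "icmp-echo", "aa:aa:aa:00:00:03", "192.0.2.30")
             for i in range(300)]
    # 500 frames inside one second, each with a source MAC never seen before
    pkts += [(5.0 + i / 600, "arp-request",
              "02:00:00:00:%02x:%02x" % (i >> 8, i & 255), "192.0.2.99")
             for i in range(500)]
    return pkts

def detect(pkts, max_echo_per_sec=100, max_new_macs_per_sec=200):
    """Return (alert, subject, count) tuples; both thresholds are assumed values."""
    ip_claims = defaultdict(set)   # ARP replies: IP -> MACs that claimed it
    echoes = defaultdict(int)      # (source IP, second) -> echo requests
    new_macs = defaultdict(int)    # second -> source MACs first seen in it
    seen = set()
    for t, kind, mac, ip in pkts:
        sec = int(t)
        if mac not in seen:
            seen.add(mac)
            new_macs[sec] += 1
        if kind == "arp-reply":
            ip_claims[ip].add(mac)
        elif kind == "icmp-echo":
            echoes[(ip, sec)] += 1
    alerts = [("arp-spoofing", ip, len(m)) for ip, m in ip_claims.items() if len(m) > 1]
    alerts += [("ping-flood", ip, n) for (ip, _), n in echoes.items()
               if n > max_echo_per_sec]
    alerts += [("mac-flooding", sec, n) for sec, n in new_macs.items()
               if n > max_new_macs_per_sec]
    return alerts

if __name__ == "__main__":
    for alert in detect(sample_capture()):
        print(alert)
```

An IP address seen with two MAC addresses can also be legitimate, for example after a network card is replaced, so treat that alert as a reason to look closer rather than as proof.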
