In addition to malicious code attacks, it is also possible for networks to fall prey to various network attacks. Network attacks can be classified into three major categories:
- Reconnaissance attacks - the unauthorized discovery and mapping of systems, services, or vulnerabilities
- Access attacks - the unauthorized manipulation of data, system access, or user privileges
- Denial of service - the disabling or corruption of networks, systems, or services
Reconnaissance Attacks
External attackers can use Internet tools, such as the nslookup and whois utilities, to easily determine the IP address space assigned to a given corporation or entity. After the IP address space is determined, an attacker can then ping the publicly available IP addresses to identify the addresses that are active. To help automate this step, an attacker may use a ping sweep tool, such as fping or gping, which systematically pings all network addresses in a given range or subnet. This is similar to going through a section of a telephone book and calling each number to see who answers.
Click each type of reconnaissance attack tool to see an animation of the attack.