List of Common Cyber Attack Types
| Attack Name | Description |
|---|---|
| Back Door | Opening left in a functional piece of software that allows unknown entry into the system / or application without the owners knowledge. |
| Birthday | A name used to refer to a class of brute-force attacks |
| Brute Force | Will try every single key combination known to crack your password. |
| Buffer Overflow | Attacks take advantage of poorly written code |
| Chargen | Flaw with TCP port 19 where if you connect via the port |
| DDOS | The distributed form of such an attack where many Zombies that have been taken over by hackers launch simultaneous attacks to achieve a more effective denial of service attack |
| Dictionary | Form of password cracking; The term dictionary comes from the actual book of known words |
| DNS Poisoning | When your DNS files are poisoned with bad information |
| Dos | Denial of Service: a denial of service attack is any attack used to achieve the disruption of any service to legitimate users |
| Fragment Attack | Exploit that targets IP fragmentation and reassembly code are common |
| Man in the Middle | Attack when an attacker is able to intercept traffic by placing themselves in the middle of the conversation. |
| Mathematical | (or Algebraic) attacks are a class of techniques that rely for their success on block ciphers exhibiting a high degree of mathematical structure |
| Password Guessing | Or cracking is the attack on authentication credentials for any given system |
| Ping of Death | Attempts to crash your system by sending oversized packets to a host |
| Port Scanning | Is performed by running a vulnerability scanner on a system to see what open ports are open |
| Replay | Attack where a Hacker uses a Sniffer to grab packets off the wire |
| Session Hijacking | TCP/IP Hijacking where a hacker can take over a TCP session between two machines |
| Smurfing | Exploits ICMP by transmitting an echo request packet to a networks broadcast address with a spoofed source address |
| Sniffing | Attacks use protocol analyzers to capture network traffic for password and other data capture |
| Social Engineering | Hackers try to attack the actual systems to exploit their weaknesses |
| Software Exploitation | Attacks against a systems bugs or flawed code |
| Spoofing | Spoofing is a technique used to gain unauthorized access to computers; A hacker must first find an IP address of a trusted host |
| SYN flood | Attacks exploit the three-way handshaking mechanism of the TCP/IP protocol |
| War Dialing | Process of running modem scanning tools against a PBX or any given dialup modem for the purpose of penetration. |
| War Driving | Process of using an attack tool to penetrate wireless systems from outside the facility where the wireless system sits |
| Weak Keys | Secret keys with a certain value for which the block cipher in question will exhibit certain regularities in encryption or, in other cases, a poor level of encryption |