Three classes of attack are commonly found in today’s network environment:
- Access attacks
- Reconnaissance attacks
- Denial of service (DoS) attacks
Access Attacks
An access attack is just what it sounds like: an attempt to access another user account or network device through improper means. The four main types of access attacks are
- Password attacks
- Trust exploitation
- Port redirection
- Man-in-the-middle
Reconnaissance Attacks
The four main subcategories or methods for gathering network data for a reconnaissance attack are
- Packet sniffers
- Port scans
- Ping sweeps
- Information queries
Denial of Service (DoS) Attacks
DoS attacks are often implemented by a hacker as a means of denying a service that is normally available to a user or organization. The three main types of DoS attacks are
- Distributed DoS
- TCP SYN
- Smurf
Mitigating Network Threats
The following actions can be taken to lessen the impact of an attack on a network:
- Authentication, Authorization, and Accounting (AAA)
- Cisco access control lists (ACLs)
- Cisco IOS Secure Management features: SSH, SNMP, Syslog, and NTP
- Encryption protocols: SSH, IPsec, and SSL
- Security appliances and applications: Firewall, IPS, and IDS