Introduction Without security measures and protocols set up, some data can be exposed to attacks. Some attacks are “passive,” which results in data observation; other attacks may be active, involving data being modified with the intention of corrupting or destroying the information or the network itself. Say no to plagiarism. Get a tailor-made essay on "Why Violent Video Games Shouldn't Be Banned"? Get an original essay Every network is vulnerable to any of the listed forms of attack if the correct security procedures and defenses are not in place. Eavesdropping Typically, almost all network communications occur in an unsecured or "plaintext" configuration, meaning that it is possible for an attacker who has bypassed certain defense measures and has network access to the "data paths" in the network "listen" or decipher (or in other words "read") information/traffic. When this happens and an attacker spies on/listens to certain communications, it is often referred to as snooping/sniffing. The threat of an attacker eavesdropping to observe a network is considered one of the top security issues administrators face in an enterprise. /Commercial activity. Without reliable encryption services based primarily on cryptography, business/business information can be intercepted and interpreted by other users, such as attackers, as it circulates across the network. Types of Attacks Data Modification After an attacker has interpreted and intercepted any information, the next step would be to modify it. An attacker can alter intercepted information in the data packet without the sender or recipient's knowledge. While confidentiality is not required for all communications between users, any company would not want their employees' communications to be altered in transit. For example, if a company is changing purchase requisitions, neither company would want data that could include number of items, billing information, amounts, or other data to be altered by an attacker. Identity Spoofing (IP Address Spoofing) Most networks and operating systems use a device's IP address to identify a valid entity. In some scenarios it is possible for an IP address to be mistakenly assumed: this is called “identity spoofing”. An attacker could also use unique programs/applications whose sole purpose is to create IP packets that appear to derive from valid addresses within a company/corporate intranet. When an attacker gained access to a network with a legitimate IP address (built by special /applications software), they can alter, delete, or redirect information. The attacker can also direct other types of attacks from this list along with Spoofing. Password-Based Attacks A very common feature in most operating systems and network security plans is password-based access control. This means that a user's access rights to a device and resources on the network are limited to each user, that is, the username and password used to log in. Older applications do not always protect identity data as it is transmitted over the network for authentication. This could allow an attacker/eavesdropper to gain illegal access to a network by impersonating a valid user. When an attacker obtains a valid account, they have the same privileges as the user they are impersonating. Accordingly, if the accountof the user he has access to is an administrator with administrator-level privileges, the attacker is also able to create accounts that he could use at a different time. If an attacker is able to access a network even through a normal user account without administrator rights, they will be able to do the following: Obtain lists of authorized users and device names along with network information. Modify, redirect or delete user data. It is capable of altering server and network settings, such as access controls and routing tables. Denial-of-Service AttackA denial-of-service attack prevents valid users from using any device or network that users would normally be able to gain access. If an attacker is able to gain access to a network, they can do any of the following; It is able to randomize the attention of internal information systems personnel so that personnel are not immediately aware of the intrusion, thus further allowing more attacks to occur during this confusion which can cause chaos internally for a targeted company. Next they nullify information about network services or applications, which in turn triggers termination or l irregular execution of targeted services or applications. Bombards a complete network or device with traffic until it causes the targeted device or network to crash due to excess traffic. Obstruction of traffic flow, which in turn causes the complete blocking of access to network resources even by authorized users. Man-in-the-Middle AttackA man-in-the-middle attack occurs when one person between two communicating users vigorously monitors, seizes, and manages the communication without either communicating individual knowing that their information is being intercepted. When computers exchange information at low levels of the network layer, it can be difficult to determine who they are actually exchanging data with. Man-in-the-middle attacks can be thought of as someone impersonating you and your identity so that they can read your message. The person the attacker is communicating with, while impersonating another user, may believe that the attacker is truly someone else as the attacker may actively respond while impersonating someone else to ensure the exchange continues so that he or she may be able to ascertain further information. Compromised Key Attack A key is a secret number or code required to decrypt protected/encrypted data. While getting hold of a key is challenging and resource-intensive from an attacker's perspective, it is still achievable. Once an attacker has obtained a key, it is called a “compromised key.” An attacker can then use the compromised key to illegally gain access to a protected communication without either the sender or the recipient knowing that their communication is under attack. A compromised key also allows an attacker to decrypt or modify the data and attempt to use the key to calculate multiple keys, potentially allowing the attacker to access other protected communications. Sniffer Attack A "sniffer" is a device or application that can interpret, monitor, and intercept network information exchanges and read network packets. If network packets are not encrypted, the sniffer application/device offers a complete view of the information within the data packet. Encapsulated packets are not immune to this type of attack and can be cracked and read unless.