Wednesday, 8 February 2017

Counter Measures of Popular Network Attacks

software companies in India

For the first few decades of their presence, computer networks were mainly used by university researchers for distribution of e-mail and by corporate employees for allotment of printers and other properties in all organizations including software companies in India. Under these situations, security did not get a lot of consideration. But now, as millions of people are using networks for their everyday use such as banking, shopping, and filing their tax returns, network security is approaching on the horizon as a potentially huge problem. Because all their regular activities are data sensitive means data should not be changed.

ATTACKS AND THEIR COUNTERMEASURES:

A. Mac flooding: 
MAC flooding is a technique employed to conciliation the security of network switches. Switches maintain a MAC Table that maps distinct MAC addresses on the network to the physical ports on the switch. 
Counter measures: To stop MAC flooding one of the subsequent features should be construct in switch for asp.net software companies India. 
Port security: Post security should be arranged which bounds number of MAC addresses that can be learned on ports linked to end stations. 
Implementations of IEEE 802.1X suites: It often permit packet filtering rules to be installed explicitly by an AAA server built on dynamically learned info about clients with the MAC address.
B. Session hijacking:
session hijacking, also known as cookie hijacking is the use of a valid computer session sometimes also called a session key to get unauthorized access to information or services in a computer system.  
Counter measures: There are numerous types of countermeasures which are listed underneath: 
Encryption: Banks and e-commerce services should use this method because it stops sniffing style attacks for c#.net software companies in india. Some user services make extra checks against uniqueness of the user. 
String as Session key: This stops attacker to guess valid session key over Brute Force attack. 
Reinforcing of Session ID after a Successful Login: This method stops session addiction, because attacker does not recognize the Session ID of the user after she has logged in. 
C. IP Spoofing  
IP spoofing, also known as IP address forgery or a host file hijack, is a hijacking method in which a cracker masquerades as a reliable host to conceal his identity, spoof a Web site, hijack browsers, or get access to a network. 
Counter measures: The countermeasures are given as under  
Encryption and Authentication: This technique is implemented in IP V6 that eliminates current spoofing threats for c#.net software companies India. There should be proper authentication process in place. 
Router filtering: Spoofing can be stop at router level by implementing ingress and egress filtering. Access Control List should be maintaining to allow only trusted IP to interact with your network.
D. Denial of Service Attack  
Denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its planned users, such as to temporarily or indefinitely interrupt or suspend services of a host associated to the Internet.
Counter measures: The DOS [3] attack has subsequent counter measures, 
Smurf Attack: This form of an attack includes sending Internet Control Message Protocol (ICMP) or ping requirements to numerous Internet Protocol (IP) broadcast addresses. All of these messages have a spoofed source address of the envisioned victim. The hosts getting the ICMP echo request with accepting it reply with an echo to the source address, which in this case is the objective of the attack. The weight of this attack is thus effectively increased by the number of replying hosts. If the attack took place on a multi-broadcast network there could possibly be hundreds of machineries to reply to every packet sent. 
UDP Flood: A UDP flood, also known as a fragile, is a partner to the Smurf attack. This is founded on UDP echo and character generator. It practices a forged UDP packet to join the echo service on one machine to the chargen on alternative. These two machineries then practices all accessible bandwidth, sending characters back and forth among themselves. 
SYN Flood: A SYN flood uses the TCP standard 3-way handshake protocol. The attacker starts a connect request to the server and then overlooks the acknowledgement (ACK). This forces the server to delay for the ACK from the attacker, worsening time and resources of asp dot net software companies in India. A server can process a fixed number of requests at any given time and so this form of attack can efficiently block all legitimate traffic. 
With the overview of computer network attacks and their particular countermeasures can help us in safeguarding our data and system from hackers.

No comments:

Post a Comment