1.4.5

Common Active Attacks

Test yourself

Cracking Passwords

Many hackers focus their attention on cracking passwords to overcome authentication mechanisms.

Illustrative background for Cracking passwordsIllustrative background for Cracking passwords ?? "content

Cracking passwords

  • Authentication is the name for any methods which allow users to prove that an account is theirs.
    • The most common authentication method is using a password.
    • Many hackers want to find people's passwords, so that they can gain access to accounts:
    • Finding people's passwords is called cracking the password.
Illustrative background for The brute force attackIllustrative background for The brute force attack ?? "content

The brute force attack

  • A brute force attack tries to crack a password by trying every single combination of letters and numbers until the correct one is found.
  • This can take a very long time, although special software is used to do this which makes it possible to make millions of attempts per second.
Illustrative background for The dictionary attackIllustrative background for The dictionary attack ?? "content

The dictionary attack

  • A quicker form of the brute force attack is the dictionary attack.
  • Rather than attempting every single combination, a dictionary attack tries words from a predetermined list:
    • A common dictionary to use would be a list of common passwords.
Illustrative background for Protection against crackingIllustrative background for Protection against cracking ?? "content

Protection against cracking

  • Writing a network policy which enforces strong passwords can protect against dictionary attacks.
  • Using two-factor authentication can prevent the hacker from logging in, even if they have the password.
  • Restricting the number of failed password attempts before an account is 'locked' for a fixed period of time can deter hackers.

Denial of Service Attacks

Denial of service (DoS) attacks try to prevent a network from functioning by flooding it with useless traffic.

Illustrative background for Denial of service attacksIllustrative background for Denial of service attacks ?? "content

Denial of service attacks

  • DoS attacks attempt to bring down a server by flooding it with loads of useless requests.
  • The attack aims to overload the server. This stops the server responding to legitimate requests.
Illustrative background for Protection against DoS attacksIllustrative background for Protection against DoS attacks ?? "content

Protection against DoS attacks

  • To protect against DoS attacks, a server's firewall can blacklist (ban) any traffic from an IP address which is known to perform DoS attacks.
  • Firewalls can also monitor traffic in real time. So if a new IP address starts to send too much traffic then traffic limits can be set.
Illustrative background for Distributed DoS attacksIllustrative background for Distributed DoS attacks ?? "content

Distributed DoS attacks

  • Distributed DoS (DDos) attacks are commonly used to overcome the blacklisting of an IP address because of a high number of requests.
  • In a DDoS attack, the requests are sent from an army of compromised machines, known as a botnet.
  • Botnet machines are infected with malware which allows a hacker to send requests from their computer.
  • The botnet can launch a huge number of simultaneous requests. The owners of the devices in the botnet might not even realise they are taking part.

Jump to other topics

1Computer Systems

1.1Systems Architecture

1.1.1Architecture Introduction

1.1.2Von Neumann Architecture

1.1.3Fetch-Execute Cycle

1.1.4Factors Affecting CPU Performance

1.1.5Elements of Computer Systems

1.1.6Exam-Style Questions - Von Neumann Architecture

1.2Memory & Storage

1.2.1Types of Memory

1.2.2Flash Memory

1.2.3Virtual Memory

1.2.4Exam-Style Questions - Primary Memory

1.2.5Capacity

1.2.6Solid State Storage

1.2.7Magnetic Storage

1.2.8Examples of Magnetic Storage

1.2.9Optical Storage & its Properties

1.2.10Examples of Optical Storage

1.2.11End of Topic Test - Computer Systems

1.2.12Grade 9 - Storage

1.2.13Exam-Style Questions - Storage

1.2.14Units of Information

1.2.15Number Bases

1.2.16Converting Number Bases

1.2.17Hexadecimal

1.2.18Binary Arithmetic

1.2.19Representing Text

1.2.20ASCII & Unicode

1.2.21Representing Images

1.2.22Representing Sound

1.2.23Data Compression

1.2.24End of Topic Test - Representation

1.2.25Exam-Style Questions -Data Conversions

1.3Computer Networks, Connections & Protocols

1.3.1Benefit of Networks

1.3.2Network Performance

1.3.3Networks: How Do Packets Get Routed?

1.3.4Types of Networks

1.3.5Client-Server Model

1.3.6Pros & Cons of Client-Server Model

1.3.7Peer-to-Peer Model

1.3.8Pros & Cons of Peer-to-Peer Model

1.3.9Network Hardware

1.3.10What is the Internet?

1.3.11URLs

1.3.12DNS & Web Hosting

1.3.13The Cloud

1.3.14Pros & Cons of the Cloud

1.3.15Exam-Style Questions - Networking Models

1.3.16Topology

1.3.17WiFi

1.3.18WiFi Encryption

1.3.19IP Addresses

1.3.20MAC Addresses

1.3.21Network Protocols

1.3.22Application Protocols

1.3.23Layers

1.3.24Advantages of Layering

1.3.25Exam-Style Questions - Network Protocols

1.4Network Security

1.4.1Forms of Attack

1.4.2Malware

1.4.3Social Engineering

1.4.4Phishing

1.4.5Common Active Attacks

1.4.6Information Security

1.4.7SQL Injection

1.4.8Network Administration

1.4.9Protecting Against Malware

1.4.10Authentication & Passwords

1.4.11Encryption

1.4.12End of Topic Test - Networks

1.5Systems Software

1.5.1Types of System Software

1.5.2Operating Systems

1.5.3Operating System Managers

1.5.4File Management

1.5.5Device Management

1.5.6User Management

1.5.7Utility Software: Encryption & Defragmentation

1.5.8Utility Software: Data Compression & Backup

1.6Ethical, Legal, Cultural & Environmental Concern

1.6.1Open Source vs Proprietary Software

1.6.2Licensing Issues

1.6.3Ethical Issues

1.6.4Ethical Issues 2

1.6.5Exam-Style Questions - Ethical Issues

1.6.6Legal Issues

1.6.7Legal Issues 2

1.6.8Freedom of Information Act (2000)

1.6.9Cultural Issues

1.6.10Environmental Issues

1.6.11Positive Environmental Impact

1.6.12Privacy Issues

1.6.13Stakeholders

1.6.14End of Topic Test - Software & Issues

2Computational Thinking, Algorithms and Programming

2.1Algorithms

2.1.1Computational Thinking

2.1.2Algorithmic Thinking

2.1.3Pseudocode & Flow Diagrams

2.1.4Interpreting & Correcting Algorithm

2.1.5Completing Algorithms

2.1.6Search Algorithms

2.1.7Binary Search

2.1.8Overview of Sort Algorithms

2.1.9Bubble Sort & Insertion Sort

2.1.10Merge Sort

2.1.11Exam-Style Questions - Sorting Algorithms

2.2Programming Fundamentals

2.2.1Fundamentals

2.2.2Program Flow 1

2.2.3Program Flow 2

2.2.4Arithmetic & Relational Operators

2.2.5Boolean Operators

2.2.6Data Types

2.2.7Arrays

2.2.8Strings

2.2.9File Handling

2.2.10Structuring Data

2.2.11End of Topic Test - Programming

2.2.12Exam-Style Questions - Translation

2.3Producing Robust Programs

2.3.1Defensive Design Considerations

2.3.2Defensive Design Considerations 2

2.3.3Maintainability

2.3.4Testing

2.3.5Test Plans

2.3.6Error Types

2.3.7End of Topic Test - Programming

2.3.8Exam-Style Questions - Testing

2.4Boolean Logic

2.4.1Computational Logic

2.4.2Boolean Logic

2.4.3Boolean Operators

2.4.4Grade 9 - Logic

2.5Programming Languages & IDEs

2.5.1High-Level vs Low-Level Languages

2.5.2Translation - Compliers & Interpreter

2.5.3Translation - Assemblers

2.5.4Integrated Development Environments

2.5.5Exam-Style Questions - Translation

Go student ad image

Unlock your full potential with GoStudent tutoring

  • Affordable 1:1 tutoring from the comfort of your home

  • Tutors are matched to your specific learning needs

  • 30+ school subjects covered

Book a free trial lesson

Phishing

Information Security