Saturday, 6 August 2016

Internal Attacks

Article on Internal Attacks:

What is an Internal Attack?

An internal attack is a type of attack which is carried out inside the target network itself. The attack can be executed by physical attack or through the network.

As a pen tester I always prefer an internal attack. Because these are most effective than the external attacks and more easy to conduct. As a security engineer you may not have permission to proceed with an internal attack. But when you get a chance, never lose it.

This article consists important factors of an internal attacks. So let’s get started shall we ,,,,
So when we are an internal attacker we proceed somewhat like a Gray Hat. We will be having privileges of trusted source in a network.

DOS ;-0

When I was testing a network, I came to that know all networks are DOS vulnerable when you have access to the network. Yes, when you are a trusted source, you can DOS the network internally where the network is friendly with you. The network will accept all the packets you have sent to the network, so it makes easy to conduct a heavy ping attack (ping of death may be).

File Sharing ;-)

It’s obvious that the network has to share resources. That’s where we get the chance of exploiting. It gets easy when the network has a dialup connection. ‘My network place’ can be a heaven for pen testers.

BOT ;-)

A physical BOT can be very useful. No need of rat or Trojan. A BOT you will have it in your own hands. The BOT can be your own testing peace (ex- Kali Linux Live)

Forgot Sniffing ??

The internal sniffers can offer more than a web sniffer. No interrupted routes can make sniffing packets easy.

Social Engineering Attack -)

Manipulating the company workers to give their usernames and passwords will be fun. You can sharpen your skills here.

Other posts you would like -

No comments:

Post a Comment