Network Security
A ping flood DDoS attack, also known as a ping flood attack, is a common Denial-of-Service (DoS) attack in which an intruder tries to overwhelm a targeted device with ICMP echo requests. Normally, ICMP echo-request and echo-reply messages are used to ping a network device to diagnose its health and connectivity and the link between the sender and the device.
By flooding the target with request packets, the attacker forces the network to respond with an equal number of reply packets. This causes the target to become unavailable to regular traffic. A ping attack requires that the intruder know the IP address of the destination. Attacks can be divided into three kinds, according to the target and how the IP address is resolved:
- Blind ping – This involves using an external program to reveal the IP address of the target computer or router before launching a DDoS attack.
- Router disclosed – The ping flood targets routers to disrupt communication between computers on a network. In this type of DDoS attack, the attacker must have the internal IP address of a local router.
- Targeted local disclosed – In this type of DDoS attack, a ping flood targets a specific computer on a local network. In this case, the attacker must already have the IP address of the target.
Phishing:
Scammers use email or text messages to deceive you into giving them your data. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that data, they could gain access to your email, bank, or other accounts. Phishing emails and text messages may look like they're from a business you know or trust.
They may look like they're from a bank, a credit card company, a social networking site, an online payment website or app, or an online store. Phishing emails and text messages often tell a story to deceive you into clicking on a link or opening an attachment.
They may say they've noticed some suspicious activity or log-in attempts, claim there's a problem with your account or your payment information, say you must confirm some personal data, include a fake invoice, want you to click on a link to make a payment, say you're eligible to register for a government refund, or offer a coupon for free goods.
Password Cracking:
Password cracking means recovering passwords from a computer or from data that a computer transmits. This doesn't have to be a sophisticated method. A brute-force attack, in which all potential combinations are tried, is also password cracking. If passwords are saved as plaintext, compromising the database gives the attacker all account data.
However, most passwords are now stored using a key derivation function (KDF). This takes a password and runs it through a one-way function, creating what's known as a "hash." The server stores the hashed version of the password. With a GPU or botnet, it's easy to hash candidate passwords at a high rate and compare them against the stored hash.
That's why most password hash functions use key stretching algorithms, which increase the resources (and, therefore, the time) needed for a brute-force attack. Some methods of password cracking become significantly more difficult if the password is stored with salting or key stretching. Unfortunately, there are still some services that store unencrypted or poorly encrypted passwords on their servers. The best practices for passwords are to use long passwords that combine letters, numbers, and special characters, never to re-use a password, and to avoid easy-to-guess words.
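The difference between a fast unsalted hash and a salted, stretched one can be seen in a short Python sketch. This is an added example, not code from the original post; the function names, the record format, and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example; tune the iteration count to your hardware.
PBKDF2_ITERATIONS = 600_000
SALT_BYTES = 16


def weak_hash(password: str) -> str:
    """Unsalted single-pass SHA-256: fast to compute, so fast to brute-force."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$derived_key."""
    salt = os.urandom(SALT_BYTES)  # unique per password, stored beside the hash
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the key with the stored salt and iteration count, then compare."""
    try:
        algorithm, iterations, salt_hex, dk_hex = record.split("$")
        if algorithm != "pbkdf2_sha256":
            return False
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(dk_hex)
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, int(iterations)
        )
    except ValueError:
        return False  # malformed record
    return hmac.compare_digest(candidate, expected)  # constant-time comparison


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    # Same password, same unsalted hash: one precomputed table covers every user.
    print(weak_hash(pw) == weak_hash(pw))
    # Salted records differ for the same password, yet both still verify.
    a, b = hash_password(pw), hash_password(pw)
    print(a != b, verify_password(pw, a), verify_password("guess", a))
```

Because the salt and iteration count are stored in the record itself, the iteration count can be raised later without invalidating existing hashes.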