ATTACK ON INFORMATION SYSTEMS

Methodologies of Attack on Information Systems

Methodologies of Attack on Information Systems

Introduction

Information system can be attacked in several ways but in this paper we will be discussing with two cracking methodologies, which includes the exploitation of open standards of TCP/IP model and exploitation by the procedures and people within an individual organisation. The open statndard in networking has created great challenges for the Information systems worldwide, which have exploited the legitimate functionality of the system. The design, configuration and the functionality of an open system is also affected by the loopholes in organization, which are expoilted by the people in organization.

Exploiting the open standards of the OSI Reference Model or the TCP/IP Model, which are used Universally.

Identity theft in an attack by the attacker to demonstrate that person or user is falsifying identity cards. Identity theft is divided attack into three sections, namely the attack on the protocol documentation to intercept data (MAN IN THE MIDDLE - MITM), and attack retransmission (Replay attack), and finally attack to rob a TCP / IP or the so-called TCP / IP Hijacking. The attack is divided identity theft into three sections. First, the attack on the protocol documentation to intercept data (MITM), an attack on the work of an authentication protocol where the attacker positions himself between the two devices, the applicant's documentation and the party responsible for verification of identity, and thus be able to read and intercept and modify data or messages transmitted between them (Layton, 2007, 23).

The second type is an attack retransmission (Replay attack), which is similar to an attack (MITM) to some extent, it captures the information and then send it again later without amendment. Finally, the attack to rob a TCP / IP or the so-called (TCP / IP Hijacking), and is done by circumventing (Spoofing) is the term given to the process of impersonation for accessing the system, and this is the amendment in the paths Source Routing, from through amendment in the IP address and give it a form look like coming from a particular computer. For instance, if IP is not coming from particular system, then the identifiaction of trusted IP can not be observed, and the person will be circumvented and deceived. The use of means of protection and safety by exposure to the types of attack is considered one of the best ways to prevent, for ensuring that user, so as not to expose himself or his network at risk (Brancheau, 1987, 23).

The other example for exploiting the open standards of TCP/IP model is the Nicknapping, which is the occurrence in the Internet under the name or pseudonym of another discussion participant or user. It is possible not only by inventing, but explicitly using the real names of living people, by the use of third parties which does not necessarily have noticed something (Agarwal, 1999, 361). For discussion platforms which requires registration, it is necessary that the person register himself, otherwise there can be a possibility of duplicate ...