A key aspect to any war is to get to know your enemy. Hence, is important to know which ones are the most common kind of attacks that are out there. However, the below list of attacks is a basic-kind-of attacks list, and since technology is always changing more attacks are created and evolving every day.
- Social Engineering: in an attack in by which the attacker manipulates people who work in a capacity of some authority (including the authority capacity that you have over your own data).
- Dumpster diving: is an attack by which a dumpster diver would look through trash and other unsecured materials (including the recycle bin of your laptop or server)
- Password cracking: the attacker wishes to gain authentication (and authorization) to network resources by guessing the correct password
- Flooding: A flooding attack can overwhelm the processing and memory capabilities of a network system or a server
- Spoofing: is any attempt to hide the true address information of a node and usually associated with IP spoofing is not always an attack
- Birthday attack: any attack based on favorable probability
- Buffer overflow: is very common when attacking application level servers and services. Basically a buffer is a memory stack that has a certain holding size. Through a specifically and maliciously crafted packet, information can overflow in that stack, causing a number of problems. Some buffer overflow result in a simple denial of service while others can allow for system compromise and remote takeover of a system. Patches are usually issued to defend against specific buffer overflow issues.
- Sniffing in an attack in which the attackers “sniffs” information, either off the media directly or from a regular network traffic. In order to compromise the confidentiality or integrity of the information*
If you know any other type of attacks I will encourage you to share in the comment section below.
*information subtracted from COMPtia Security+ Training Book.