
Untitled

a guest
Mar 22nd, 2017
  1. Common stresser attack types
  2.  
  3. DNS – Sends a query to thousands of recursive DNS resolvers that returns the DNSSEC record for a domain. The method is a UDP based attack.
  4.  
  5. NTP – Sends a query to thousands of NTP servers, exploiting the monlist remote command. The method is a UDP-based amplification attack.
  6.  
  7. SSDP – The DDoS method that is more popular in regions such as Asia. It sends queries to thousands of UPnP-enabled devices to create an amplified UDP DDoS attack.
  8.  
  9. CHARGEN – The DDoS method utilizes the port 19 CHARGEN service, querying thousands of CHARGEN servers to amplify this UDP-based DDoS attack.
  10.  
  11. HOME – HOME is a type of UDP amplification flood that is meant to take home connections and very small servers offline.
  12.  
  13. LAG – LAG sends a burst of UDP packets every few seconds then dies down and repeats itself again. It is meant to solely lag the target and not actually take them offline.
  14.  
  15. XSYN – XSYN is a modified script of the popular ESSYN method. Starfall modified this script back in around 2013.
  16.  
  17. SSYN – SSYN sends spoofed TCP packets that have the SYN flag to a host.
  18.  
  19. TCP-ACK, TCP-RST, TCP-PSH – These are all the same method in theory, but they each have their own unique TCP-FLAG (ACK, RST, PSH).
  20.  
  21. DOMINATE – DOMINATE is a modified version of the ESSYN script that uses a scramble of all TCP-FLAGS. It is known to bypass some DDoS Protection.
  22.  
  23. VSE – VSE is a Valve Source Engine UDP-based DDoS that is meant for games using this specific game engine.
  24.  
  25. XML-RPC – XML-RPC is a layer 7 HTTP DDoS attack that exploits the xmlrpc.php file in the WordPress software to amplify DDoS attacks.
  26.  
  27.  
  28. Important jargon
  29.  
  30.  
  31. Adware
  32.  
  33. An unwanted program that, once installed onto your computer, will harass you with unwanted advertising.
  34.  
  35. Antivirus
  36.  
  37. A computer program designed to protect your machine from malicious code that would do you harm.
  38.  
  39. Arbitrary code execution
  40.  
  41. The process by which a hacker can take control of a computer in order to execute any command. An exploit is used which takes advantage of any security flaws.
  42.  
  43. Backdoor attack
  44.  
  45. Software designers will often put what is known as a backdoor into their software in order to save themselves time – it could serve a number of purposes including giving them access without the need for going through security checks or entering a password. Sometimes these backdoors get left in for one reason or another and hackers look for them as a means to gain entry to your computer.
  46.  
  47. Blackhat
  48.  
  49. A name given to hackers who are on the wrong side. A blackhat hacker is the type of guy who gives all hackers a bad name through their criminal behaviour.
  50.  
  51. Bot
  52.  
  53. This is the name given to an individual machine that is part of a larger collection known as a botnet (see below). Comes from the word ‘robot’ due to the fact that the machine is under the control of someone else.
  54.  
  55. Botnet
  56.  
  57. A collection of machines that have been ensnared via a virus, trojan, worm or other and placed under the control of a single person via a command and control centre.
  58.  
  59. Often hired out at a few cents each, collectively they can be used for DDoS attacks.
  60.  
  61. Botnet herder
  62.  
  63. One of the names given to someone who controls a botnet.
  64.  
  65. Bullet-proof hosting
  66.  
  67. A web host that guarantees its servers will not be closed even following requests from law enforcement. Typically such hosts will be found overseas where computer crime laws are either not enforced or don’t exist in the first place.
  68.  
  69. Buffer overflow
  70.  
  71. When you open a program on your computer it will be allocated an amount of memory which is known as a buffer. Poorly written programs may not be able to hold extra data which will cause an overflow which in turn will crash the machine.
  72.  
  73. Hackers can take advantage of this situation by flooding a program with data and deliberately causing an overflow. This in turn leads to security holes which allow them a way into the target machine.
  74.  
  75. Carder
  76.  
  77. Someone who either steals or trades stolen credit card information.
  78.  
  79. Channel
  80.  
  81. A virtual ‘room’ on the Internet Relay Chat (IRC) system. Each channel will generally be dedicated to a single specific topic.
  82.  
  83. Command and control centre
  84.  
  85. Used by criminals to send instructions, such as displaying ads or sending spam out, to botnets under their control.
  86.  
  87. Cross-site scripting
  88.  
  89. This is a sophisticated attack that tricks a user into thinking they are conducting their financial business on a legitimate website when in fact they are giving their details away to the bad guys who have in fact exploited the genuine site.
  90.  
  91. Crypto-ransomware
  92.  
  93. A malicious piece of code which will lock you out of your PC, or parts of it such as your photos and music collection, by encrypting your own data. Those behind this ransomware will then demand payment in order to set your computer free from this hostage situation.
  94.  
  95. Dead-drop
  96.  
  97. A hijacked computer or server which is used to store personal information which has been stolen via the use of viruses, spyware or keyloggers. They are a very risky proposition to hackers as they are incredibly incriminating and they are usually shut down very soon after their creation.
  98.  
  99. Defence in depth
  100.  
  101. The use of different layers of protection to protect a system. For example, the combined usage of antivirus software, a firewall, sandbox and virtual private network in order to get differing types of protection.
  102.  
  103. DoS attack
  104.  
  105. Denial of Service – An attack whereby one computer and one net connection is used to flood a server with packets, the aim of which is to overload the server’s bandwidth and other resources.
  106.  
  107. DDoS attack
  108.  
  109. Distributed Denial of Service – As a DoS attack above but this time using multiple computers and internet connections. Often far more effective, it utilises computers unwittingly caught in a botnet.
  110.  
  111. Drive-by download
  112.  
  113. Malicious code that automatically installs itself onto the victim’s computer when they visit an infected website. Typically the code installed will be unwanted programs such as toolbars but keyloggers being installed via this method is becoming increasingly common.
  114.  
  115. Exploit
  116.  
  117. A vulnerability, or bug, that is found in a piece of software that allows a hacker to gain access to a computer, web site or network.
  118.  
  119. Exploit kit
  120.  
  121. A ready assembled kit available to criminals, for a price, that can be used to hack computers. Often popular due to their ease of use.
  122.  
  123. Firewall
  124.  
  125. A piece of software that sits between a computer and the internet. Either installed on your computer or embedded in your router, a firewall will filter inbound and outbound traffic, neutralising any threats it detects.
  126.  
  127. Frankenmalware
  128.  
  129. The spawn of malware, frankenmalware describes the result of viruses accidentally infecting worms that are already on the victim’s computer – the offspring can often become fast-moving and unpredictable new forms of malware themselves.
  130.  
  131. Goat machine
  132.  
  133. An unprotected machine used by security researchers to attract malware writers in order to gather as much threat information as possible in a safe environment. Takes its name from the scene in Jurassic Park in which a goat was used as bait for the T-Rex.
  134.  
  135. Honeypot
  136.  
  137. A machine, or network of machines, set up to look like a helpless target. Often created by security firms and researchers in order to capture data about new threats. Online criminals are becoming increasingly aware of honeypots and are writing malware that will detect them and give them a wide berth rather than give up their secrets.
  138.  
  139. IP address
  140.  
  141. A collection of numbers that identifies every machine that connects to the internet. Each of your devices will have its own unique IP (Internet Protocol) address.
  142.  
  143. IP hacking
  144.  
  145. IP hacking occurs when a criminal discovers the Internet Protocol address of a computer or web server and then uses it to attack the machine. This will often be for the purposes of defacement or theft of data (servers) or installation of malware or theft of data (individual PCs).
  146.  
  147. Keylogger
  148.  
  149. A small piece of code that is installed on a machine with the express purpose of capturing data about every key press that is made on that device. Can be used for a variety of purposes ranging from spying on loved ones to stealing login data for banks and other sensitive sites.
  150.  
  151. Malnets
  152.  
  153. Malnets are a malicious network of websites, servers and domains that are responsible for a series of recurrent attacks. They can typically be hired for a few thousand dollars at a time and will be highly effective before being quickly shut down again.
  154.  
  155. Malvertising
  156.  
  157. The practice of hiding malware in fake web advertisements. Such infected ads will often be found on well-known sites. More advanced versions do not require user action and will infect your machine automatically, whether you click on an ad or not.
  158.  
  159. Malware
  160.  
  161. Malware takes its name from the phrase malicious software and is used to describe any unwanted program that makes its way onto a computer.
  162.  
  163. Man-in-the-middle attack
  164.  
  165. A highly sophisticated attack which sees a hacker intercept data between two points, typically a user’s computer and a financial website. Can be useful in dealing with security measures that rely on more than mere passwords for access.
  166.  
  167. Packet sniffing
  168.  
  169. The process of examining individual data packets sent between computers. All too often such data packets will contain sensitive information such as login details and passwords that have been stored in plain text.
  170.  
  171. Phishing
  172.  
  173. The practice of sending out emails that appear to have come from genuine organisations, such as banks or credit card companies, with the intention of tricking the recipient into giving out their sensitive information such as login details.
  174.  
  175. Often phishing emails will contain links that take the victim to what looks like a genuine site into which they will type their login information.
  176.  
  177. Port
  178.  
  179. A virtual doorway that allows net-based programs to communicate with your computer. Different programs use different ports, e.g. email typically uses port 25 and web traffic uses port 80.
  180.  
  181. Potentially unwanted application
  182.  
  183. A description for apps that aren’t necessarily malicious in nature but which could certainly prove to be unwanted, e.g. apps that contain adware.
  184.  
  185. Proof of concept
  186.  
  187. This is a demonstration, in theory at least, of how a system can either be protected or attacked.
  188.  
  189. Ransomware
  190.  
  191. A piece of malware that will hold your computer hostage until you pay a ransom. Those behind ransomware will encrypt your own data and will not unlock it until you send them payment.
  192.  
  193. Remote code execution
  194.  
  195. This is where a hacker is able to run malicious code from one PC to another by utilising the web. Once done, the hacker is likely to have complete control over the target machine.
  196.  
  197. Script kiddie
  198.  
  199. A wannabe hacker who lacks the skill to create their own malware. They simply re-use or modify code or techniques that have been posted on the internet.
  200.  
  201. Smurf attack
  202.  
  203. A type of DDoS attack where requests from the victim’s IP address to a network are spoofed. This leads to all the hosts on the network responding, thereby creating a large volume of traffic and knocking the target IP address out of action.
  204.  
  205. Spyware
  206.  
  207. A piece of code that, once installed, will steal personal information. Often arrives via web downloads and disguised as other types of software, such as spyware cleaners for example.
  208.  
  209. SQL injection
  210.  
  211. A method used by hackers to attack a website’s database via a security flaw. Databases are often an appealing target due to the nature of the information that they store – passwords, credit card details, etc.
  212.  
  213. Trojan
  214.  
  215. A piece of malware that disguises itself as something else, much like the horse of legend. Often found hiding as an attachment to an email.
  216.  
  217. Two-factor authentication
  218.  
  219. This is a means of strengthening security by requiring more than one piece of information in order to gain access to a system. For instance, in addition to a password for your online banking you may also be required to enter a code generated by a card reader.
  220.  
  221. URL reputation engine
  222.  
  223. A tool found within security software that attempts to assess the relative safety of a website by considering factors such as its IP address, age, location and type of content hosted.
  224.  
  225. Virus
  226.  
  227. A malicious program that is capable of replicating itself and often designed to cause harm. The earliest viruses weren’t overly effective but nowadays they can bring entire systems down in no time at all.
  228.  
  229. Vishing
  230.  
  231. Similar to phishing but conducted via the telephone rather than online. Vishing attacks involve a criminal calling and then trying to extract personal information, e.g. the bad guy will present themselves as a bank employee who needs you to confirm your login details.
  232.  
  233. Whitehat
  234.  
  235. The opposite of blackhat, a whitehat hacker can be thought of as one of the good guys, using their skills for positive purposes rather than negative ones.
  236.  
  237. Worm
  238.  
  239. A malicious program that is like a virus in many ways save for the fact that it doesn’t need help from the user to install itself. All a worm needs in order to get onto your machine is a security hole.
  240.  
  241. Zero day exploit
  242.  
  243. This is where a way to exploit a vulnerability is discovered on the very day that said vulnerability is discovered. Can be extremely damaging until countermeasures are deployed and so software firms will look to close the hole just as quickly as they can.
  244.  
  245. Zombie
  246.  
  247. Another description for a machine that has been hijacked (see botnet).