http 200 301

http 200 301. DNS server spoofing attacks: Attackers modify DNS servers in order to reroute traffic destined for a specific domain to other IP addresses. A DNS server spoofing attack is launched with the intent of spreading malware.13.2.11 Route Manipulation Attacks There are many types of route manipulation attacks, and one of the more common ones is the BGP hijacking attack. BGP is a dynamic routing protocol that is used to route Internet traffic. An attacker can launch a BGP hijacking attack by compromising or configuring a BGP border router to advertise an IP prefix that is not owned by the unit. If the maliciously advertised BGP route is more accurate or contains a "shorter" AS path than the legitimate BGP route, traffic destined for the victim will be redirected to the attacking host. In the past, threat makers have used unused IP prefixes to launch BGP hijacking attacks in order to not attract the attention of legitimate users or entities.13.2.12 Password Attacks - Several common password attacks are shown below. Password Guessing Attack: This is a very common password attack, but some of the techniques in this attack are less 'efficient. A threat maker can take a manual or automated approach to password guessing, either locally or remotely. There are several tools available to automate password guessing, as follows.. Hydra o. TSGrindero .. SQLReconoThe automatic password guessing tools and cracking programs mentioned above use different techniques. Some tools use a "brute force" technique, which tries to guess the password using every possible combination of characters. Others use a different technique (called dictionary attacks) to guess passwords. Since most passwords (passphrases) consist of whole words, dates, and numbers, these tools use words, phrases, and even common password dictionaries (such as qwerty and password1) to crack passwords. There are also tools, such as JohntheRipper and Cain&Abel480 Chapter 13 Types of Attacks and Vulnerabilitiesare used in a "two-pronged" way to crack passwords with brute force and dictionary attacks.Password reset attacks: In many cases, it is certainly easier to reset a password than to guess it with a tool. There are several cracking tools that can be used to try to reset passwords. In most cases, an attacker can boot the computer from a floppy disk or CD-ROM to bypass the protection of a typical Windows system. Most password reset software comes with a built-in version of Linux that can be used to boot the computer, which can be used to mount the NTFS volume and help the attacker discover and reset the administrator password.