2. Attacks Using Local System:
• Session Hijacking
• Windows Hacking
• Scanning
• Phishing
3. Windows Hacking
Hacking : -Art of exploring various security breaches is termed as Hacking.
-Legal or illegal but unauthorised way of bypass any security mechanism
Windows Hacking – Art Of windows Security bypass and Find Loop whole and vulnerability is call a
windows Hacking
Compute security :
• BIOS –Password
• Syskey
• Login
4. Phishing
Phishing: -Spear phishing is a targeted email scam with the sole purpose of obtaining unauthorized
access to sensitive data
Phishing attacks generally target:
* Bank information – e.g. VISA and PayPal accounts.
* Username and password information.
* Social Security numbers.
* Information which can be used to retrieve forgotten or lost credentials.
MOBILE PHISHING:
Phishing scams are not limited to the internet. Some phishers use the telephone to make
requests for information. If you get a call from your banking institution asking for personal
information, hang up and call your bank directly. Your bank will have your social security number and
account information on file and should only ask you to verify a few digits.
5. like Iphone,Apple ,iTunes n more...By SMS
EXAMPLE:-
>>Congratulations! Your mobile phone has won US$ 10 Million prize money. To claim your money,
call this number XXXXXXXX,give your permanent address,pin number,account number or credit
card number...
6. Scaning
Scanning is basically use to scan local LAN and NETWORK
It also motoring To all Input and output data packets and connections
• Angry IP Scanner
• NetScan Tools
• Unicorn scan
• Nmap
Example : netstat –an
7. Session Hijacking
Session hijacking can be done at two levels:
• Network Level
• Application Level.
Network layer hijacking involves TCP and UDP sessions, whereas
Application level session hijack occurs with HTTP sessions. Successful attack on network level sessions
will provide the attacker some critical information which will than be used to attack
application level sessions, so most of the time they occur together depending on the system
that is attacked. Network level attacks are most attractive to an attacker because they do not have to
be customized on web application basis; they simply attack the data flow of the protocol, which is
common for all web applications