Hackers

Teardrop attack

What is a Teardrop attack?

Computing technology is an exciting world that boosts creativity in many directions. Unfortunately, malicious people are part of that environment, and they constantly devise new methods for fun, popularity, or profit. As a result, the variety of attacks is already huge. The Teardrop attack is one item on that wide menu of attacks.

What is a DoS attack?

Denial of Service (DoS) is an attack that aims to shut down either a machine or a network by making it inaccessible to users. There are different techniques for reaching that objective. One is to flood the target with large volumes of traffic until it becomes very sluggish and finally stops working. Another is to overload it with requests and data, or to send malicious information that exploits vulnerabilities or destabilizes the machine or network until it crashes.

DoS attacks have different motivations. They are sometimes used to sabotage businesses, extort a ransom from a company, protest against a political or social measure, show power, or distract the target while doing something worse, such as stealing sensitive data.

What is a Teardrop attack?

The Teardrop attack belongs to the category of DoS attacks. It works by sending altered packets to a target (computer, server, network). The receiving machine (the target) runs into trouble because it can't put the packets together in the correct sequence. Usually, the attack exploits a bug in the TCP/IP fragmentation and reassembly code. As the target repeatedly fails to reconstruct the packets properly, the fragments overlap, and the target crashes.

How does Teardrop attack work?

Continue reading…

DNS tunneling attack: What do you need to know?

The topic of this article is the DNS tunneling attack. First, we will explore it in detail. Then you’ll be able to confidently assert that you know what it does and why it’s so harmful. So, without further ado, let’s get started.

DNS tunneling attack – definition

A DNS tunneling attack is a cybercriminal activity. As the name implies, it is a Domain Name System (DNS) type of attack. Its method of operation is simple: DNS queries and responses are used to encode the data of other programs or protocols, most often malicious. This gives attackers a covert command-and-control channel as well as a way to steal data.

Examples and cases of DNS tunneling attack

Continue reading…

DMARC record

DMARC record explained

What is DMARC?

DMARC is an abbreviation of Domain-based Message Authentication, Reporting, and Conformance. It is a mechanism for secure email exchange that uses both SPF and DKIM. Setting up DMARC properly for your domain will reduce email phishing (thanks to the reporting of SPF) and spoofing (thanks to the encryption of DKIM). You will have a much higher email delivery success rate, and fewer of your emails will end up in the spam folder.

Using DMARC allows you to add an extra level of security on top of SPF and DKIM.

You can make it stricter, so that even if SPF and DKIM pass, DMARC still fails because of its criteria.

You can also make it more lenient and limit it to only SPF or only DKIM.

Why use it?

  1. To send emails uninterrupted. The emails will be encrypted, and the receiver will be able to unlock them with the public key. The presence of DMARC will indicate that the domain can be trusted.
  2. To stop others from using your domain name for phishing attacks. DMARC can tell the receiving servers that the domain is related to those particular servers, and that anything different should be discarded immediately. It can work by allowing only good emails, by stopping all bad emails, or both.

How to create a DNS DMARC record?

Continue reading…