Phishing method of hacking is done by creating a fake login page that allows users to enter their email addresses, so that data to be written can be taken without being noticed by the user. Many novice user who stuck by the way, although sometimes form page created very different than the original page. This happens because of a lack of education about the security of electronic mail that we had.
2. Brute Force method of hacking is done by trying all possible password combinations that exist in the word list. Method of hacking is very secure its ability to find the desired password, only drawback would take a very long time to find the desired password combination.
3. eavesdropping This method is done by way of spying on the communication network of the victim, for example, SMS, phone, and so on. Its main purpose, namely to get the username and password of the victim.
4. Watering Hole This method is done by injecting a virus or malware to the victim frequently visited sites, so that when the victim visits the site, will automatically be infected with malware.
5. Sniffing method of hacking is done by monitoring all activity on the data. Where some things that can be monitored, namely:
· E-mail traffic
· FTP password
· web traffic
· Configuring the router
· sessions chat
· DNS traffic
form of attack
- Spoofing is a form of attack that is carried out by means of falsified data, so an attacker can be seen as a trusted host.
There are 2 types of spoofing, namely:
· IP spoofing, spoofing is a technique used by way of falsifying the source IP address, so the IP address can not be traced when the original shipment.
· Identity spoofing, spoofing is a technique by means of infiltration using officially-issued identity to access everything in the network illegally.
2. DNS Poisoning CRAA form of attack is done by giving a fake IP address information in order to divert traffic from the data packets intended purposes. This method is generally used to attack sites of e-commerce and banking. Performers can create a fake server that has a similar appearance to the original site. To avoid that a digital certificate can be used to secure the original server, so it can be distinguished from a fake server.
3. Trojan Horse Form of attacks using this type of destructive software or malware that can damage a system that is injected. Trojans are used usually aim to obtain information from the target, such as passwords, system logs, and so forth. It also allows the perpetrator to obtain access from the target. Trojan is certainly different from a virus because trojans is as though as usual when the program is operating, so as not to arouse suspicion and can also be controlled from another computer. There are several types of trojans, namely:
· Trojan Thieves Password, ie the type of Trojan used to steal passwords stored in the system by making a website look as if waiting to see the hosts enter the login with a password, so that by the time the login password will be sent to the attacker
· Trojan keylogger, which is a type Trojan that will monitor and record all the activity that is typed by the user to subsequently sent to the offender or the attacker.
· Trojan Remote Administration Tool (RAT), which is kind of trojan which is able to take control of a full system, where it allows the attacker to do anything, such as formatting the hard drive, edit and delete data, etc.
4. SQL Injection Form of attack use and exploit security holes, so that the website allows users to enter data without the filter against malicious character, so an attacker can easily gain access to the database of an application and website. The way it is usually done by placing the input on specific parts of a website relating to the application or the database of the website. Attackers generally include links that aims to direct and trap the victim to a website that has been prepared for data retrieval.
There are two types of network security threats, namely passive and active, in which a passive threat in general does not change the data in the system as a passive threat only aims ffor read the information in the system to obtain benefits. Passive threat prevention is fundamental to face this threat. In a network, a passive threat involves two aspects, namely the intruder’s access to the system, so they can see there yanga news content. The second is to read the data in the system. To deal with the threat of passive can use encryption technology, so that if the information is acquired, but the actors do not have the decryption key, the data or messages that still will not be able to be opened. Computer network threat prevention will not be effective, if only counting on the existing technology.
Rampant violations in cyberspace that have the potential to threaten the security of the network, resulting in a lot of things that have the potential to threaten the security of the network, but in this paper focused on the threats that attack through the channel side (side-channel) that is an attack aimed at collecting information / personal data with how to install and run a program in the background so it is not easily identifiable to the user.
Network security is becoming the main focus continues to be discussed because of the many types of attacks are increasing day by day. The integrity of a network would be the main point that should diamanakan. A network security begins by entering the username and password that can not be accessed by unauthorized parties. A network security involves data access in a network controlled by the network administrator. A network security both derived from the analysis and research of: – History of network security – Architecture Internet and security aspects of the Internet – type attack on the network and the method of its security – Development of hardware and software security from attacks carried out by someone attacker can monitor the line communication, obtain user data, and can decrypt a message for the next menyisipinya with things that are not supposed to. When securing a network there are two aspects to be considered, namely the confidentiality and integrity.
The use of WSN in various activities fairly easily in pengoprasian and has a low cost and effective so pretty provides convenience for users to collect data or data transmission. However, masalaah security and limited resources, thus making the system vulnerable to security attacks, several of the examples of attacks are DoS aiming to disrupt service to attempt to restrict access to the machine or service, and therefore in this paper has been given regarding the method -Method to prevent attacks tersbut that will improve the accuracy of the attack, and even be able to recognize different DoS attacks.