Network Security

In today’s world, security is a main concern, especially since we are connected globally. One security concern is called a ping flood. A Ping flood, or ICMP flood, is a common Denial of Service (DoS) attack in which an attacker takes down a computer by overwhelming it with pings. There are several ping commands that can be used to facilitate an attack.

The n command represents the number of times a request is sent.

The l command represents the amount of data sent with each packet.

The t command, used to continue pinging until the host times out.

For a ping flood to be successful, the attacking computer must have access to more bandwidth than the potential victim. The attack involves flooding the victim’s network with request packets, knowing that the network will respond with an equal number of reply packets. The exhausted server is then unavailable to process legitimate requests.

According to (Larsen, 2020), There are 35 types of DDOS attacks and three different categories, Volumetric, protocol and application attacks. DDoS attacks can target a specific application or a badly coded website to exploit its weaknesses. Databases can also be targeted with SQL injections. SQL code is used for backend database manipulation to access hidden data. A ping flood attack occurs when millions of computers attempt to ping a website in a short period of time (Ping Flood Attacks, 2022). A ping of death is another DOS attack where pings are sent with malformed or oversized packets when using the ping command (What is a DDoS Attack? 2016). Ping of death attacks usually occurs when the data packets in a ping exceed 65,536 bytes. Some reasons DOS attacks are used are to disrupt a company, hassle an organization, or for political reasons (Vahid, 2019).  Poor security may make a website more susceptible to hackers. You can restrict attacks by blocking ping request, but it may prevent you from diagnosing server issues. There is network security available for prevention. It is important to safeguard your network.

Unfortunately, there will always be people who will attempt to carry out malicious activities. There are several computer securities issues, such as security holes, viruses, email spam, phishing scams, password cracking, and social engineering.

Individual users can be targeted in a multitude of ways. Security breaches could attempt to scam the user out of money, acquire the user’s personal information, or infect the user's computer with viruses. Most frequently, Internet users are subject to email spam and phishing scams.

Email spam is “unsolicited and unwanted junk email sent out in bulk to an indiscriminate recipient list. Typically, spam is sent for commercial purposes. It can be sent in massive volumes. (What is Spam (2022).” Users can easily opt out by selecting an unsubscribe link at the bottom of their email. Spam can also be used with the intent of spreading computer viruses or botnets which could be used to cause a denial-of-service (DOS) attack on a targeted website.

Many email users are also the target of phishing scams. Phishing scams are typically trying to ascertain an users’ personal information. One common money-making scam is the 419 scam or Nigerian scam (Vahid, 2019). Remember the emails from the Nigerian prince asking for money so that they can relocate their fortune and agree to pay you back later with a greater return? These types of phishing scams are still successful today.

In 2021, 36% of data breaches involved phishing (Kerner, 2022). Other phishing scams are sent out to replicate an email with a link from a person’s bank, shopping website, or utility company to get usernames and passwords. Knowing how to verify a recipient’s email address is beneficial in not falling for these types of scams. Another tip would be being cognizant of bad grammar or misspelled words. This will also help you avoid falling victim to one of these types of scams. Being able to identify phishing scams and spam emails is vital in protecting your personal information and the health of your computer.