Ways Hackers Penetrate A Site Or Web

Here's How A Hacker Used To Break through the Site or the Web-How seoarang how hackers penetrate or infiltrate and destroy a website is as berikut.Teknik techniques include:wordpress website hacked by hackers 01 Here's How A Hacker Used For Breaking into Website

• A. IP Spoofing
• 2. FTP Attack
• 3. Finger Unix Exploits
• 4. Flooding & Broadcasting
• 5. Fragmented Packet Attacks
• 6. E-mail Exploits
• 7. DNS and BIND Vulnerabilities
• 8. Password Attacks
• 9.Proxy Server Attacks
• 10. Command Processing Remote Attacks
• 11. Remote File System Attack
• 12. Selective Program Insertions
• 13. Port Scanning
• Sequence 14.TCP/IP Stealing, Passive Listening Port and Packet
• 15. HTTPD Attacks

A. IP Spoofing 
IP Spoofing is also known as the Source Address Spoofing, the attacker IP address forgery so that the target assumes the attacker's IP address is the IP address of the host in the network rather than from the outside network. Suppose the attacker has a type A 66.25.xx.xx IP address when the attacker to attack this type of network that attacked the IP attacker will assume is part of the IP networknya 192.xx.xx.xx eg type C.
IP Spoofing occurs when an attacker "outsmart" packet routing to change the direction of the data or transmissions to different destinations. Packet routing is usually transmitted to a transparent and clear so as to make it easy to modify the attacker with the data origin or destination of data. This technique is not only used by the attacker, but also used by security professionals to download tracing the identity of the attacker

2. FTP Attack 
One of the attacks carried out against File Transfer Protocol is a buffer overflow attack caused by malformed command. destination FTP server attack is on average is to get a command shell or to perform Denial Of Service. Denial Of Service attacks may eventually lead to a user or attacker to retrieve the resource in the network without authorization, while the command shell can make an attacker gain access to the server system and data files that an attacker can eventually make anonymous acces that have root-rights fully to the system being attacked and even network

3. Finger Unix Exploits 
In the early days of the internet, Unix OS finger utility to be used efficiently for information sharing among users. Due to requests for information on this finger information does not blame the rules, many system administrators leave this utility (finger) with a very minimal security, even with no security at all. For an attacker it is invaluable utility for information on footprinting, including login names and contact information.This utility also provides an excellent description of user activity within the system, how long the user is in the system and how far the user care system. Information generated from this finger to minimize the effort kracker in penetrating a system. Personal information about a user who is raised by the finger daemon is enough for a atacker to perform social engineering using the social skill to utilize the user to "tell" your passwords and access codes to the system.

4. Flooding & Broadcasting 
An attacker could reduce the speed of networks and hosts that are in it are significant by continuing to perform request / demand any information from servers that can handle classic Denial Of Service attacks (DoS), send a request to the named port of excessive flooding, sometimes it is also called spraying. The purpose of this second attack is the same that makes network resource provides information to be weak and eventually gave up.Flooding attacks by relying on two factors: the size and / or volume (size and / or volume). An attacker can cause Denial Of Service by throwing a large-capacity files or a large volume of small package to a system. In such circumstances a network server will deal with congestion: too much information requested and not enough power to push the data to run. Basically a big package requires a greater capacity of the process, but it is not normal and the same small package in a large volume would be useless to spend resources, and cause congestion 
5. Fragmented Packet Attacks
 Internet data is transmitted via TCP / IP can be divided into packets that contain only the first package contents form a major part of information (header / head) of TCP. Some firewalls will allow to process part of packages that do not contain information on the packet source address first, this will result in some type system to crash. For example, the NT server will be a crash if the packets are broken up (fragmented packet) enough information to rewrite the first packet of a protocol

6. E-mail Exploits 
Peng-exploitasian e-mail occurs in five different formats: Floods mail, manipulation commands (command manipulation), the attack rate of transport (transport level attack), include a variety of code (inserting malicious code) and social engineering (utilize socialization physically). Email attack could cause the system to crash, open and execute even rewriting application files or also make access to command functions (command function)

7. DNS and BIND Vulnerabilities
 Recent news about vulnerabilities (vulnerabilities) of the Berkeley Internet Name Domain applications (BIND) in various versions illustrate the fragility of the Domain Name System (DNS), which is a crisis that is directed at the basic operation of the Internet (basic internet operation)

8. Password Attacks
 Password is a common thing when we talk about security. Sometimes a user does not care a pin number that they have, such as online transaction in the cafe, even transact online at home is very dangerous if not equipped with security software such as SSL and PGP. Password security is one procedure that is very difficult to attack, an attacker may have many tools (technically or in social life) just to open something that is protected by a password.When an attacker managed to get a password that is owned by a user, then he will have power equal to that user. Train employees / users to remain vigilant in safeguarding the password of social engineering can at least minimize the risk, but in case of social enginering practice organization must be aware of this technical way. Most of the attacks carried out against the password guessing (guessing), brute force, cracking and sniffing

9.Proxy Server Attacks 
One function is a proxy server to speed up response time by bringing together the process of multiple hosts in a trusted network

10. Command Processing Remote Attacks
 Trusted Relationship between two or more hosts Provides information exchange and resource sharing. Similarly, the proxy server, trusted relationship to all members of the network providing access to the same power in one or another system (the network).Attacker will attack the server that is a member of the trusted system. Just as the latency to the proxy server, when access is received, an attacker would have the ability to execute commands and to access the data available to other users

11. Remote File System Attack 
Protocols for transporting data (the backbone of the internet) is the level of TCP (TCP level) with a mechanism that has the ability to read / write (read / write) between network and host. Attacker can easily obtain the information traces of this mechanism to gain access to the directory file

12. Selective Program Insertions
 Selective Program Insertions are done when the attacker attacks put destroyer programs, such as viruses, worms and trojans (maybe you already know this term well?) On the target system. Destruction programs are often called malware. These programs have the ability to damage the system, file destruction, theft of passwords to open the backdoor

13. Port Scanning 
Through port scanning an attacker can see the functions and how to survive a system of various ports. A atacker can get access to the system through an unprotected port. Sebaia example, scanning can be used to determine where the default SNMP string in the open to the public, which means that information can be extracted for use in remote command attack

14. TCP/IP Stealing, Passive Listening Port and Packet 
Interception TCP / IP Sequence Stealing, Passive Listening Port and Packet Interception walk to collect sensitive information to access the network. Unlike active attack or brute-force, attack using this method has more stealth-like qualities

15. HTTPD AttacksThe vulnerability is present in any HTTPD webserver or five kinds: buffer overflows, bypasses httpd, cross scripting, web code vulnerabilities, and URL Floods.