What is a reflection attack?

Reflective attack is a compromise of server security done by cheating to give up the security code that allows hacker access to him. Reflective attacks are made possible when servers use a simple protocol to authenticate visitors. Adding some steps to increase safety can make such attacks more difficult and forcing hackers to watch other ways of attack. Security experts can assess the system to determine whether the security is sufficient for the application. When attacking the reflection, the hacker logs in and receives a challenge. The server expects the answer in the form of the correct answer. Instead, the hacker creates another connection and sends a prompt back to the server. In a weak protocol, the server sends a response, allowing hackers to send back along the original connection to access to the server.

Using proxy and other tools along the connection can make it difficult to attack the reflection as well as some changes in thereforea bike used by the server. These additional security layers may be more time consuming and costly for implementation and not necessarily provided by default in the system with relatively low safety needs. Systems that use verification access to security can be vulnerable to reflection attack if they are not modified to solve the most common safety holes.

Other techniques to combat the reflection attack may include a monitoring connection to the server for signs of suspicious activity. Someone trying to get an unauthorized access to the server. It may be a warning signal that someone is trying to attack reflection.

Computer security usually includes several levels. If someone fails, such as if the server is confused by a reflection attack, they can enter the game to different levels to damage. These security layers can be implemented by specialists in the area of ​​safety using various programs that offer excess protection, especially systems that process sensitive information such as government data. For extreme security, the system can be kept outside the network and accessible only in person on a device provided by the server and access devices.

IN OTHER LANGUAGES

Was this article helpful? Thanks for the feedback Thanks for the feedback

How can we help? How can we help?