Glossary

IP Spoofing

IP Spoofing is done by forging TCP/IP packets using somebody else's IP address as the source address.

A common misconception is that you can use this technique to hide your IP address when surfing websites, visiting chatrooms or sending email.

Land Attack

The Land Attack is performed by crafting a TCP/IP packet with the same source and destination IP address and port and sending it to the target machine. This results in a denial of service (DoS) as some operating systems crash when receiving such a packet.

Ping of Death

The Ping of Death exploits a flaw in the networking code in some operating systems. The attacker sends an IP packet of a certain size which causes the target computer to crash.

Port Scan

A port scan is a reconnaissance technique used to discover which services a computer is running. A port scan consists of sending a message to each port, one at a time. The type of response received indicates whether the port is used or not.

For example, a response on TCP port 80 indicates that the computer may be running a Web service. Additional probing may follow to determine which operating system and which web server software is being used.

SYN Attack

The SYN (TCP connection request) attack is a denial of service (DoS) technique. The attacker sends multiple SYN packets to the target machine using spoofed IP addresses. The target machine eventually runs out of resources and is unable to handle any more connections, thereby denying service to legitimate users.

Teardrop Attack

The Teardrop Attack is performed by putting an invalid offset value in fragmented IP packets. This can cause the operating system to crash while attempting to reassemble the IP packet. This leads to a denial of service (DoS).

Smurf Attack

The Smurf Attack is performed by sending an ICMP Ping where the source IP address is forged to be that of the victim's machine. These ICMP packets are sent to directed broadcast addresses which act as amplifiers and flood the target machine with ICMP replies.

Spyware

Spyware is a term used to describe software that gathers and sends out user information without the user's knowledge. It is typically bundled as a hidden component of free programs that can be downloaded from the Internet.

Most spyware targets vulnerabilities in MSIE (Microsoft Internet Explorer). It can be installed without any user intervention when the user visits websites which contain code to exploit these vulnerabilities.

WinNuke Attack

The WinNuke Attack causes some versions of the Windows operating system to crash when they receive an Out-Of-Band (OOB) message. This leads to a denial of service (DoS).