IP Spoofing

A method of masquerading that we're seeing in various Internet attacks today is known as IP spoofing (IP stands for Internet Protocol, one of the communications protocols that underlie the Internet). Certain UNIX programs grant access based on IP addresses; essentially, the system running the program is authenticated, rather than the individual user. The attacker forges the addresses on the data packets he sends so they look as if they came from inside a network on which systems trust each other. Because the attacker's system looks like an inside system, he is never asked for a password or any other type of authentication. In fact, the attacker is using this method to penetrate the system from the outside.

IP spoofing

Password Sniffing
A relatively new type of attack on the Internet is putting even the most carefully chosen passwords at risk. Password sniffers are able to monitor all traffic on areas of a network. Crackers have installed them on networks used by systems that they especially want to penetrate, like telephone systems and network providers. Password sniffers are programs that simply collect the first 128 or more bytes of each network connection on the network that's being monitored. When a user types in a user name and a password--as required when using certain common Internet services like FTP (which is used to transfer files from one machine to another) or Telnet (which lets the user log in remotely to another machine)--the sniffer collects that information. Additional programs sift through the collected information, pull out the important pieces (e.g., the user names and passwords), and cover up the existence of the sniffers in an automated way.

Password Sniffing

Scanning
With scanning, a program known as a war dialer or demon dialer processes a series of sequentially changing information, such as a list of telephone numbers, passwords, or telephone calling card numbers. Suppose that a computer criminal looks in the telephone book and finds that the telephone numbers for the Fourth National Bank range from 791-0000 to 791-5578. Before he goes to bed one night, he programs his computer to call all of the numbers in this range and to record the ones that are answered by a modem. In the morning, he prints out the successful numbers. He now has a list of the telephone numbers that are most likely to give him access to the bank's computers.

Scanning [Ref:
http://www.carnegiecyberacademy.com/facultyPages/cyberCriminals/operate.html http://oreilly.com/catalog/crime/chapter/cri_02.html http://www.crime-research.org/news/01.06.2005/1270/