DOS Attack
A DOS attack is a denial of service attack. A computer sends a massive amount of traffic to a victim’s computer and shuts it down.DOS is an online attack that is used to make the website unavailable. It sends a massive amount of traffic to a website’s server that is linked to the internet, causing it to go down.
Website defacement
Web defacement is a cyberattack in which malicious hackers get access to a website and change the content on their own. The messages might include political or religious statements, vulgarity, or other offensive information that would shame website owners or a notification that the website has been hacked by a certain hacking organization.
Common causes of defacement attacks include:
– Unauthorized access
– SQL injection
– Cross-site scripting (XSS)
– DNS hijacking
– Malware infection
Directory Traversal
It is a type of exploit that allows attackers to access files, directories, and commands inside the root directory of an application folder. if the attacker gain access beyond the root directory. they can execute commands to explore deeper inside the server and can access sensitive information.
Sniffing attack
By intercepting and manipulating connections between a user and a web server, an attacker can get access to sensitive information. Through eavesdropping or interfering in a connection, an intruder intercepts or alters the messages sent between the user and the web server.
Web Server Misconfiguration
Misconfiguration attack refers to configuration flaws in web infrastructure. An attacker can compromise the web server through various attacks like password cracking, Error-based SQL injection, Command Injection
Other samples of misconfiguration:
– Verbose Debug/Error Messages
– Anonymous or Default Users/Passwords
– Sample Configuration and Script Files
– Remote Administration Functions
– Unnecessary Services Enabled
– Misconfigured/Default SSL Certificates
Referrencce
https://www.greycampus.com/opencampus/ethical-hacking/web-server-and-its-types-of-attacks
https://www.imperva.com/learn/application-security/website-defacement-attack/